Changes for package: BASE =============================================================================== $Id$ =============================================================================== 2.0.2: ------ 18.01.2002 fm - mkfli4l: added logging to img/mkfli4l.log 19.02.2002 fm - ens: no limitations of DNS_FORBIDDEN anymore - mkfli4l rejects now old config.txt - replaced ip_masq_vpn-2.2.15.patch by ip_masq_vpn-2.2.18.patch 21.01.2002 tg - ip-(up|down).portfw: more verbose messages and some fixes 21.01.2002 hs - added mylib-directory to add own libs to opt.tgz (see also mybin) 27.01.2002 cp - added drivers for ELSA Airlancer MC-2 and IBM EtherJet PCMCIA 03.02.2002 fm - added fealnx driver for LAN 8139 NIC (not RTL 8139) - updated eepro.o - updated cs89x0.o - added sundance.o for DFE-550FX or DFE-530TXS - added REJECT-TCP & DENY-TCP (and UDP) for FIREWALL_DENY_PORT_x - updated rtl8139.o (from scyld.com incl. pci-scan) 04.02.2002 fm - new kernel - compiles with -Os - rc.local: console link to tty1 or ttySx - solve interrupt problem 04.02.2002 nico - mktgz.bat: added additional parameter -cls 09.02.2002 fm - added 8139too and smc-ultra32 drivers 09.02.2002 fm - updated h323 masquerading module 2.1.0: ------ 17.02.2002 tobig - changed syntax of masq-module loading (again ;-) ) and added a lot of documentation about it 20.02.2002 rr - changed etc/rc.d/eth so that 8390.o and pci-scan.o will be loaded if they exist and not only when they are defined as ethernet-driver - changed config/base.txt: removed driver-names 8390 and pci-scan because this files are automatically copied onto the disk when necessary by opt/base.txt 21.02.2002 hs - added PCI-Bus information to support.sh 02.03.2002 fm - added host route configuration in opt/etc/rc.d/route - added sort command in mktgz.sh and mkfloppy.sh - added original rtl8139.o as rtl8139-orig.o 04.03.2002 jw5 - Added regular expressions to check process, see developer documentation (unfortunatly only in german at this point in time) - added opt/base.exp which contains the basic regexps - remove special handling of base, dsl, isdn and replace it with a more general concept - remove special handling of eth_drv_n, scsi_drv_n and isdn_type and use a more general concept - standalone tool regexp added which can be used to develop regular expressions and provides a nice introduction to regexps - base/doc/dev/regexp.txt added which describes the new check process and regular expression - opt/package.txt adjusted to new file format (see base/doc/dev/opt.txt) 05.03.2002 jw5 - use *_% variables instead of *_N variables in opt/package.txt to stay conform with the format used by check/package.txt - added some new regexp checks in check/base.txt as an example of regexp usage: MOUNT_OPT - - RE:ro|rw|no PART_OPT - - PARTITION UPDATE_MODE - - RE:add|cfg|full|none 06.03.2002 jw5 - fix bug in *_% variable handling. Files depending on these variables have been added to zip list regardless of the contents of the opt variable thei were depending on. - fix a bug with short opt names (e.g. e3); we accidently didn't copy any files depending on short opt names - doc changes: - base/doc/dev/opt.txt: added remarks about new opt/package.txt format and reference to regexp.txt for check/package.txt files - base/doc/dev/regexp.txt: new file describing the usage of regular expression within check/package.txt 07.03.2002 jw5 - Added weak declaration for external symbols. If a packet references an externally defined variable, it may happen that the package defining this variable isn't present. This would trigger an error message in mkfli4l which expects to find all variables referenced by opt/package.txt. To handle this situation package developers can add a "weak"-declaration for external variables. It has the following format: opt/package.txt: weak variable - This introduces the variable to mkfli4l if its not already present and will set it to 'undefined'. If its necessary we may use the third field to introduce default values. The infrastructure is already there. 11.03.2002 jw5 - added better check facility (see documentation) 13.03.2002 jw5 mkfli4l schreibt nun zusätzlich eine volle rc-config nach img/full_rc.cfg. Dort sind Variablen, die nicht in die eigentliche rc.cfg übernommen wurden, mit einem vorangestellten "# " gekennzeichnet. Damit kann man leichter überprüfen, ob man seine check/package.txt richtig geschrieben hat. Tauchen in der vollen rc.cfg auskommentierte Variablen auf, die eigentlich aktiv sein sollten, hat man in der check/package.txt Datei was falsch gemacht. 16.03.2002 rr - modified etc/rcd./route and circuit to set router quietly because of an error-message when the routes are already set. 18.03.2002 rr - IP_ETH_X_NETWORK now obsolete 19.03.2002 jw5 - .*_DO_DEBUG-variables are always exported now - introduced foreach to be able to iterate over %-variables - introduced special meaning for '$' and '%' in strings - updated documentation 20.03.2002 hs - removed ide-drivers from kernel 21.03.2002 rr - updated rootfs /dev nodes - removed hd[a-d][8-15] - added hd[e-h][0-7], sd[a-d][0-7], scd[0-3] 24.3.2002 jw5 - check whether % variable is actually used before copying a file depending on it 27.3.2002 jw5 - use 0.0.0.0 if no remote ip is specified. This prevents ifconfig from generating routes while bringing up the interfaces. 29.03.2002 hs - renamed many startup-files, changed rootfs for new startup-concept - following changes in rootfs.gz: deleted /var/log/wtmp,/var/rum/utmp and /var/run/|printer moved /dev/msys/fla* dev /dev/fla* deleted symlink /dev/cdrom /etc/rc doesn't call rc.local any more. /etc/rc runs all rc-scripts from /etc/rc.d changes formatting of ram1 (/opt) from 1024 byte to 4096 byte per inode edited /etc/mklinks.sh, so it makes no errors if an file is already in rootfs created directories /etc/prep, /etc/rc0.d and /etc/rc.d 01.04.2002 hs - converted variable next_rd to file /var/run/next_rd 01.04.2002 hs - added function call to rc.scripts 02.04.2002 jw5 - introduced logical expression "copy_pending(string)" to allow checking of copy operations which depend on the value of a % variable - moved check whether we copied a file for each instance of eth_drv_% and masq_module_% to check/base.ext 03.04.2002 jw5 - added match operator and index operator - introduced debug options for mkfli4l to get nicer debug output 04.04.2002 rr - Unpacking of opt.tgz now produces one '.' per extracted file and no file-list any more - EXT2-fs warning removed 07.04.2002 jw5 - added "foreach i in var_n loop" - added temporary variables - logical expressions now behave as expected (evaluation of and is canceled after the first false term, or after the first true term) - we now first build a parse tree before actually start to execute a script 08.04.2002 jw5 - sorting zip list 09.04.2002 rr - reworked rootfs (etc/rc) to use $PART_OPT also for defining the Ramdisk-Size 'auto' selects Auto-Calculation of Size any number defines Ramdisk-Size numbers below 300 do auto-detect and adjust the calculation other entries than 'auto' and /[0-9]+/ select a Harddisk Partition 21.04.2002 fm - ens: fixed bug: query "NS IN domain" 22.04.2002 fm - new natsemi driver 25.04.2002 fm - resolv.conf will be now filled with DNS_FORWARDERS as nameservers if START_DNS='no' 25.04.2002 jw5 - introduced new host configuration replaced host_x with host_x_{attribute}; possible attributes: - IP, NAME - MAC, ALIAS_N, ALIAS_x (optional) 30.04.2002 fm - mkfli4l: ignore lower/upper case of base.txt, dsl.txt, isdn.txt 01.05.2002 fm - new winbond-840 driver 08.05.2002 tobig - changed ip-up and ip-down for nicer syslog 11.05.2002 tobig - changed ip-up and ip-down so that custom scripts can work on non-default-routes 13.05.2002 rresch - added Shutdown-Scripts 21.05.2002 tobig - reworked portfw for easier configuration and added eth-portfw 22.05.2002 fm - ens: added additional (special) forwarders - etc/rc.d/rc335.dns: increased forward timeout from 50 sec (default) to 70 sec - imond: added new commands fli4l-id & highscore 01.06.2002 tobig - removed portfw.sh & portfw-prep from opt/base.txt - do a fork for each sync-call in imond, hd-installs could block on this - fixed some checks (MASQ_NETWORK) 09.06.2002 tobig - added the 2nd startscript for portfw to opt/base.txt 16.06.2002 fm - inserted htb-patch for QOS. 06.07.2002 tobig - small bugfix in regex.c: allow spaces to indent check-".exp"-files - bugfix for portfw: fixed typo 2.1.1: ------ 15.08.2002 hansmi - fixed 4GB Overflow-Bug in imond 17.08.2002 tobig - fixed imond to not produce zombies (bug 3 in Jitterbug) - bugfix for portfw: portranges now work! 18.08.2002 tobig - paranoia: remove rc.cfg after boot and set umask for /boot to 077 20.08.2002 cp - switched everything from ext2-rootfs to minix-rootfs 26.08.2002 jw5 - moved local time zone support to base package (supported via TIME_INFO config variable) 03.09.2002 tobig - added memory-info to support.sh 09.09.2002 tb - changed FORWARD_TRUSTED_NETS to TRUSTED_NETS 10.09.2002 fm - added input chain rule for TRUSTED_NETS 12.09.2002 tobig - renamed some errors in imond 18.09.2002 tobig - repair permissions of files from opt.tgz on bootup - cleaned up the Makefile and sources of the base-programs - rebuilt imond binary (it was an old one) 28.09.2002 tobig - removed shell-functions from init-scripts - fixed indention of some files 02.10.2002 tobig - use right rc.cfg in support.sh 13.10.2002 tobig - updated dev-doc 16.10.2002 tb - ppp/ip-down corrected: elif [ -f /etc/last-default-route-interface ] _then_ 20.10.2002 jw5 - removed manipulation of masq timeouts since the ipchain emulation doesn't support it. It set the following defaults instead: "Sorry: masquerading timeouts set 5DAYS/2MINS/60SECS\n" 03.11.2002 tobig - removed detection of kernel version - moved portforwarding to iptables 20.11.2002 tobig - removed the latest bugs from portforwarding ;) 24.11.2002 tobig - another bug in portforwarding: config-checking was wrong 27.11.2002 tobig - yes, another bugfix for portforwarding! 28.11.2002 harri - added new syslinux-1.76 for unix-users (this was already done for win-users and hd-install) 29.11.2002 harri - fixed different tabwidth in etc/fstab (rootfs) - added dtou for etc/adjtime to prevent error-message of hwclock 03.12.2002 tobig - Did I mention it already? There was a bug in setup-portfw.sh ;) Now it's working for me... 05.12.2002 fm - exchanged kernel and modules from 2.4.19 to 2.4.20 07.12.2002 tobig - doc-update: removed "both" for portforwarding and updated masq-modules for kernel 2.4 07.12.2002 fm - added new nic drivers - added support for gigabit cards 2.1.2: ------ ??.01.2003 jw5 - implemented kernel module concept, mkfli4l now takes the kernel version from opt/etc/kernel-version and substitutes any occurence of $KERNELVERSION$ in opt/package.txt with the current version 26.01.2003 hs - removed optional variables except host-configuration. 26.01.2003 tobig - added md5-challenge-response-authentication to imond ??.01.2003 jw5 - optional variables are gone (ROUTE_NETWORK, TRUSTED_NETWORKS, DNS_FORWARDERS), they have to be specified and left empty if not used (hs forgot to adapt documentation and regexps) 15.02.2003 tobig - added iwconfig (WLAN) to support.sh 16.02.2003 fm - replaced ens by actual version (additional dns forwarders, syslog and forbidden domains) 18.02.2003 fm - corrected additional forwarder statement for ens 2.1.3: ------ 02.04.2003 hs - added MX-entries to DNS-configuration 07.04.2003 tobig - added kernel patch for right removing of connections on ip-down 21.04.2003 hs - removed check for existing graphic-card. this adds possibility to have a console without vga-card to send a beep for example - removed factor for free space from opt-ramdisk calculation, fixed checking of PART_OPT 28.04.2003 fm - imond: added socket option SO_REUSEADDR for easy restart 13.05.2003 tb - /etc/ppp/ip-up: waiting for boot finished 15.05.2003 fm - log-Script: fixed problem with wildcards - now disable file name generation (globbing) 25.05.2003 tobig - cleaned up ip-(up|down).ens a bit 01.06.2003 - made changes for Fritz!Card DSL + circuit in ip-up and ip-down - made changes for Fritz!Card DSL in fli4lctrl 2003 jw5 - moved circuit configuration to their own packages - rewrote paket filter configuration and documentation, it now behaves nearly like 2.0 (we have a little bit more control over ROUTE_NETWORKS) - fixed white list bug (replies where dropped, fixed by adding state rule) - fixed portforwarding - fixed port forwarding and white lists - fixed port forwarding setup for static ip addresses - allowed forwarding of protocols (needed for protocols like gre) - wrote new alternative paket filter configuration (see appendix of base documentation) 01.07.2003 jw5 - removed potential deadlock during dialup (imond,fli4lctrl,ens,ip-up,imond-stat,imond) 03.08.2003 tb - added ports 135, 136, 445 to FORWARD_DENY_PORT_x 27.08.2003 tobig - cleaned up md5 source files (for imond) to get a cleaner diff against the original BusyBox 1.0 coreutils/md5sum.c 28.08.2003 tobig - imond.c/md5.c: moved hexmd5 to imond.c - imond.c: Added a bunch of newlines for the syslog messages - imond.c: removed copy-on-same-memory-code :) 05.09.2003 knuffel - opt.txt: added mii.o for starfire (Claas Hilbrecht) 08.09.2003 tobig - added warning for WinACE-users xx.09.2003 - added SNAT target to new firewall configuration - upgrade to Linux 2.4.22 - upgrade to microClibc 0.9.20 - upgrade to busybox 1.0-pre3 (nearly, upgrade to cvs state two days before busybox pre3 release 20.09.2003 tobig - changed support.sh to not print WLAN keys 12.11.2003 tobig - fixed menu in some ways (dtou, rc.cfg) 15.11.2003 tobig - changed menu again: intelligent logging, removed most redundancy, some colors, code cleanup, indention - and a bugfix for the menu, the last for today 25.11.2003 jw5 - added support for config specific files, mkfli4l checks whether a file is under "$config_dir" and under "opt" and prefers the version under "$config_dir". mktgz.sh checks whether there are files under "$config_dir" and appends them to opt.tar. 12.12.2003 hs - removed eisa-nic ac3200, added r8169 and b44 network drivers 21.21.2003 george - added new dns-server dnsmasq as default if START_DNS = "yes" then dnsmasq is used, if "ens" then ens is used 27.12.2003 george - changed the dokumentation in sektion DNS Server. START_DNS has now three parameters: yes, ens and no. yes for the dnsmasq, ens for ens and no for no DNS Server. LISTENIP_N and LISTENIP_% are now in the config/base.txt. LISTENIP_N is the number of IP's dnsmasq should listen on, and LISTENIP_% are the IP's to listen on. ATTENTION: List in LISTENIP_% only IP's that are valid. The dnsmasq will not start, if you list one IP that is not valid! The mx-record now has a differend behavior when using ens or dnsmasq. The dnsmasq can only handle one mx-record, the ens several ones. 2.1.6: ------ 01.02.2004 jw5 - upgraded to busybox-1.0 pre6 02.02.2004 hs - rebuild menu to support better descriptions 08.02.2004 jw5 - reactivated token ring support - stripped unnecessary symbols from modules to reduce size 08.02.2004 tobig - set PATH in ip-up and ip-down 20.02.2004 - removed 2.4.20 patches 27.02.2004 hs - fixed the problem with opt_menu=yes and winscp-connection without shell-definition 2004 jw5/rresch - stripped modules as far as possible to reduce size - fli4lctrl now handles hangup for inode/xdsl correctly 2.1.7: ------ 08.03.2004 hs - add serconsole.sh to bootmenu 13.03.2004 tb - overriding the maximum limit of connection tracking entries is possible now 16.03.3.04 tobig - moved some stuff from rootfs to base 17.03.2004 tobig - use /sbin for kernel tools in mkkernel.sh, set DEPMOD and MODINFO in environment to override 19.03.2004 hs - cleanups in menu-languages 05.04.2004 tobig - moved from minix ramdisks to tmpfs 11.04.2004 tobig - corrected permissions of tmpfs mounts 17.04.2004 lanspezi - add function to redirect domain[s] to an IP 25.04.2004 babel - add new imond binary and src update with isdn raw up/down support 29.04.2004 babel - allow dummy devices with ETH_DRV and IP_ETH_* 2.1.8: ------ 07.05.2004 tobig - export PATH to sub-shells in ip-up and ip-down 07.05.2004 lanspezi - removed dns-server ens 08.05.2004 lanspezi - add function to fake reverse lookups for RFC1918 private address ranges - DNS_BOGUS_PRIV xx.05.2004 - switch default packet filter config to new configuration, old config is still available - added apm support - enabled all netfilter modules 13.06.2004 rresch - Variable PASSWORD is now crypted in rc.cfg 22.06.2004 lanspezi - only execute rc- and prep-scripts with correct name (rc[0-9][0-9][0-9].*) 23.06.2004 lanspezi - change names for ip-up/ip-down-scripts -> see rc- and prep-scripts 03.07.2004 babel - rename ETH_DRV -> NET_DRV - rename IP_ETH_ -> IP_NET 31.07.2004 harri - removed serconsole.sh. changes of serconsole-settings can be made with remote-update of the syslinux.cfg now. 02.08.04 - allow parallel usage of serial and normal console - introduce console_blank_time 05.08.04 - remove IP_DEFAULT_GW, this is now handled by IP_ROUTE_x xx.08.04 - added support of dual floppy boot (provided by Detlef Riekenberg; slightly adapted by jw5) xx.08.04 fli4l team - extended packet filter configuration to allow references to other parts of the configuration; statements now allow references to: - IP_NET_x (IP_NET_x, IP_NET_x_IPADDR, IP_NET_x_DEV) - Hosts specified in HOSTS_x - renamed and split MASQUERADE_LIST into PRE- and POSTROUTING_LIST; prerouting_list provides a more fine grained configuration of portforwarding - other packets can now use the functions used to configure the packet filter more easily (see opt/files/usr/local/bin/setup-portfw-new.sh or vpn packet, opt/files/usr/local/bin/openvpn_fwrules-helper) - portfw may now be reconfigured on a running system since both prerouting and forward entries are generated by setup-portfw*.sh; simply shut down portfw, edit /etc/portfw*.conf, restart portfw - iptables upgraded - please be aware that fli4l currently only puts the absolutly required kernel modules (some are built into the kernel) and iptables matches and targets into the opt-archive. If you are trying to extend this functionality by using other target/matches you have to ensure that they are added to the opt-archive. Since targets (things which can be used with -j) and matches (things which can be used with -m) use the same names (targets use upper case names) targets are renamed to *.so.target (see opt/base.txt for examples) - upgraded busybox (currently 1.0-rc3 which is supposed to be the final version) - opt_inittab rewritten, you may now provide you own inittab if you need one - mkfli4l - provides subnet/samenet statements (can be used to check routes, see vpn package) - =~ saves the found subexpressions in array match_% - mkfli4l supports modification of the rootfs via rootfs: prefix in opt/package.txt (see boot_type usage in opt/base.txt) - rewrote boot scripts to allow more flexible support of different boot media - see BOOT_TYPE and opt/etc/boot.d for examples; fli4l is now able to boot from floppy, dual floppy (opt-archive split between two floppies), cd (see mkiso.sh, windows version still missing), hd (and similiar media like cf), network (after 2.1.8-ut2004) - linuxrc: fix creation of links - /etc/rc: fix error handling for low memory situations (if tar is killed due to low memory the check for the size of the file stderr was redirected to will fail) 2004-09-06 abe - add script mknetboot.sh 2.1.9: ------ 14.09.04 tb - changed set order to prevent recognizing mkfloppy.bat as virus - corrected cifs ports 27.09.04 rresch - added automatic syslinux-selection depending on Windows_NT or not 28.09.04 babel - update linux kernel to 2.4.27 - backport tulip & starfire napi net driver from 2.6 to 2.4 - add netdev random patch to kernel - add ignore_ksoftirq patch to kernel - add ebtables patch to kernel - add advanced routing patch to kernel 03.10.04 rresch - re-worked Fli4l-Boot-Medium-Generation in Windows - now only mkfli4l.bat has to been called - all other ist automatic - creates img/fli4l.iso if BOOT_TYPE='cd' for direct CD-Burning 2004-10-20 abe - add new BOOT_TYPE 'netboot' (it's equal to 'integrated') This new type is only for easy use of the new mk-scripts. 2004-11-?? lanspezi - re-worked Fli4l-Boot-Medium-Generation for Windows and Unix(linux) -- mkfli4l.cmd build the disk, image or archiv-files for Windows NT/W2K/XP -- mkfli4l-win9x.bat is the build-script for Windows 9x and ME -- mkfli4l.sh is the build-script for Unix/Linux -- option for the script(s) can be set in /mkfli4l.conf -- build-dir is configurable (absulute and relativ pfad) -- directly update via scp by the build-scripts 2004-12 jw5 - introduced dynamic keyword for prerouting entries to allow a setup of static prerouting entries without a destination (or with destination 0.0.0.0/0) 2004-12-04 babel - enhance IP_ROUTE_x to allow dev routes like IP_ROUTE_1='0.0.0.0/0 eth0' - allow tmpl: to work with dynamic keyword 2004-12- jw5 - handle several floppy formats in /etc/boot.d/rc100.floppy 2004-12-17 tobig - fixed link to PortFW-converter 2004-12-28 lanspezi - build-scripts - - summary error-report at end - - change result to imonc (error-report is aviable in imonc) 2005-01- jw5 - allow IP_NET_x specifications as portfw target (as described in the documentation) 2.1.10: ------- 2005-03-03 lanspezi - update dnsmasq to Version 2.20 with internal dhcpd add complete dhcp-support 2005-03-15 lanspezi - allow to select "filterwin2k" in dnsmasq-config 2005-03-23 lanspezi - update dnsmasq to Version 2.21 2005-03-26 lanspezi - add variable to dnsdhcp-section -- IP for an NTP-Server can now be configured 2005-03-31 lanspezi - update dnsmasq to version 2.22 2005-06-06 arwin - add booting with one drive from two floppies 2005-05-13 babel - use german keyboard by default. Allow use of any keymap. 2005-06-01 babel - update to kernel 2.4.31 2005-05/06-* lanspezi - change to new script-language for windows-build (autoit3) Windows-build now has an GUI and an Dialog to change some option from mkfli4l.conf and commandline interactive 2.1.11: ------- 2005-06-26 frankr - add support for Sun Happy Meal 10/100baseT cards, only QFE is known to work 2005-07-17 hh - add optional Variable DNSDHCP_RANGE_x_GATEWAY make DNSDHCP_RANGE_x_NTP_SERVER and DNSDHCP_RANGE_x_DNS_SERVER optional, too allow these variables to be set to 'none' 2.1.12: ------- 2005-07-28 lanspezi - layout changes of config/base.txt - change var START_DNS to OPT_DNS - change var DNS_% to DNS_SPECIAL_% 2005-08-05 lanspezi/arwin - add BOOT_TYPE cdemul 2005-09-03 lanspezi - update dnsmasq to version 2.23 2005-09-25 Bernard Charrier/arwin - add french & dutch language support to menu 2005-10-18 felix - add possibility to change MAC addresses 2005-10-23 hh - add var LOCALE 2005-11-03 arwin - add OPT_MAKEKBL to make keyboard maps on the router more easily 2005 jw5 - introduce limits for rejects - limit echo reply rate and size 2.1.13 ------ 2005-11-27 lanspezi - update dnsmasq to version 2.24 2005-11 - unify usage of limits in configuration (now always x/y:burst) - actually provide documented limit match - allow opt developers to provide packet filter extensions 2005-12-01 babel - update to kernel 2.4.32 3.0.0: ------ 2005-12-13 hh - introduce do_beep function in /etc/rc 2005-12-21 babel - make natsemi-db available just in case the natsemi with NAPI causes trouble (like soekris with bridge config did) 3.0.1: ------ 2005-12 - fixed mybin/mylib handling 2006-01-18 babel - add a check to make sure each host that is referenced in the paket filter configuration is defined in the host section 2006-01-21 jw5 - fixed bug in original packet filter emulation (a missing jump target resulted in an iptables error) 2006-01-22 jw5 - mkfli4l - removed limits (except limit of 64 packages) - renamed default config file - removed complains about undefined variables referenced in opt/package.txt files - rewrote unix build scripts to make sure nobody can abuse these scripts to erase its own harddisk (someone edited the scripts enough to bypass all test and erased its own hd) 2006-02-01 lanspezi - windows-build - add support for ls120 - experimental - dnsmasq (DNS/DHCP-Server) - Update to Version 2.26 2006-02-10 jw5 - dnsmasq may now trigger a dial-in before forwarding DNS requests; This is configured vi DNS_TRIGGER_DIAL_IN (no, yes, ip) - disable development version of imond for the time beeing 3.1.0: ------ 2006-03-13 lanspezi - change temp-build-dir in Windows-build to the Windows-temp-dir because a problem when cygwin is installed an the subdir "build" do not exist 2006-03-16 lanspezi - update dns/dhcp-Server dnsmasq to 2.27 2006-03-22 - remove DNS_TRIGGER_DIAL_IN - it is replaced by a more generic mechanism in dnsmasq, which re-sends the last dns request after receiving netlink messages about changed interface attributes or routes 2006-04-19 - re-modelled dns regexp according to http://www.icann.org/general/idn-guidelines-20jun03.htm 2006-05-15 lanspezi - move order of config-vars in dnsmasq.conf to allow redirect of subdoms of the own domain - allow '_' as first caracter of a SPECIAL_DNS domain to redirect queries to an Windows-Actice-Directory-Server 2006-06-04 lanspezi - add option Variabls HOST_x_NEXTSERVER and HOST_x_FILENAME used by pakage dhcp_advanced to serv dhcp-information to boot a client via PXE 2006 - added support for 2.4 and 2.6 - added initial kernel configuration for 2.6, configuration is still a moving target - added initial XEN 3.0 configuration and necessary patches - mkfli4l - version dependent opt/package.txt files (package_2_4.txt and package_2_6.txt) - use '.o' or '.ko' depending on kernel version - value dependent regular expression definitions +NET_DRV(KERNEL_VERSION=~'^2\.4\..*$') = ... - evaluation of modules.dep and modules.alias to - locate modules - automatically resolve dependencies and add all necessary modules to the archives - handle original kernel with upper case module names - added loading of packet filter modules for 2.6 (rc360.fwrules.modules) - use modprobe to automatically load all necessary modules (dependencies are different for 2.4 and 2.6) 2006-06-13 lanspezi - update dnsmasq to version 2.32 3.1.1: ------ 2006-08-?? jw5 - upgrade to busybox 1.2 (some changes already went into 3.1 by accident) - removed support of prep script - remove file prefix from /opt and directly extract to /opt instead of /opt/files 2006-08-04 lanspezi - add option to dnsmasq.conf to change syslog-facility to "local0" 2006-08-* lanspezi/jw5 - change build - build now uses gen_init_tar/gen_init_cpio to create the rootfs-archive - the complete rootfs is created from scratch every time, no rootfs-distrib.tar anymore - small bug fixes in build scripts - added global host file - added name= option for opt/package.txt 2006-08-* - synchronize ip-up/ip-down scripts against parallel execution 2006-08-* - convert old portfw configuration to new one so we only use one format internally 2006-08-18 hh - activate CONFIG_FEATURE_PS_WIDE=y in busybox config for a complete output of the process list with "ps w" 2006-08-27 jw5,hh - fix mac: restriction for 2.6 - add dmfe to kernel-2.6-driver-list, as it exists and is working 2006-08-28 hh,jw5 - allow to switch off beep after boot and shutdown globally - make beep at startup/shutdown optional - replace variable SER_BEEP with global variable BEEP - recompile kernel 2.4.32, strip modules - handle variables in option filed of add_to_opt 2006-08-29 lanspezi - show message after login if /bootmsg.txt (errors and warnings during boot) exists. 2006-08-29 jw5, lanspezi - handle module naming strangeness - some modules have an alias named foo_bar while the module is named foo-bar - Windows Build: fix bug remoteupdate with boot_type=integrated do not try to copy opt_tar.bz2 - do not allow x_COMP_TYPE='bzip2' as ist does not work 3.1.2: ------ 2006-09-09 tobig - make scripts of the UNIX build more POSIXy, should help for BSD userland. 2006-09-11 jw5 - fix portfw translation for protocols like gre 2006-09-23 lanspezi - first code to support lzma compressed rootfs and opt-archive - rename name of opt-archive to opt.img 2006-09-26 arwin - update syslinux to version 3.31 2006-10-07 hh - add check for opt_syslogd and opt_klogd if packetfilter logging is requested 2006-10-21 arwin - add possibility to preserve space on second floppy 2006-10-29 lanspezi - update dnsmasq to version 2.35 2006-11-01 arwin - add possibility to give a name to network card 2007-03 - documented user chains - renamed variables of new packet filter section - all variables get a PF_ prefix - _LIST postfix is removed 2007-04 - removed old portfw-scripts and -new extensions - added add, del, status commands to setup-portfw.sh 2007-04-13 arwin - update cygwin1.dll to latest version (1.5.24-cr-0x5f1) 2007-05-08 - update plink.exe and pscp.exe to v0.60 2007-05-11 babel - show warning if IGNORE_KSOFTIRQ='yes' and KERNEL_VERSION='2.6.*', ignore IGNORE_KSOFTIRQ='yes' in rc000.base on startup 2007-05-14 arwin - handle isapnp.conf in /etc without date - update autoit to 3.2.0.1 - introduced boot menu for recovery, see BOOTMENU_TIME and recovery - move modules to separate kernel package - rootfs changes - use tmpfs for rootfs - in previous versions we accidently use ramfs which does not support any limits and therefore may consume all memory - remove inittmpfs= option, the default options are fine - options differ between 2.4 and 2.6 - 2.6: inittmpfs=options, e.g. inittmpfs=mode=755 - 2.4: inittar=1,options, e.g. inittar=1,mode=755 - support modprobe - mkfli4l reads modules.dep and modules.aliases and - automatically locates the module even if it is an alias - automatically includes all necessary modules a specified module depends on - generates a smaller modules.dep and modules.alias containing all necessary entries - do_modprobe() function to load a module and all modules it depends on - do_insmod() shows a warning if invoked - please move to do_modprobe - changed naming convention for netfilter target modules - the current one foo.target.ko lead to invalid modules.alias files - the new one is foo_target.ko - use a longer variable name to avoid conflicts in fwrules.helper ($IPTABLES instead of $I) - pptp-masq-module is available for 2.6 - fix for summertime ending at 3 o'clock not at the default 2 o'clock - fli4lctrl fixes - packet filter changes - fix regular expressions for packet filter actions - introduce dmz-chain, portfwaccess-chain - restrict user defined names - they have to be prefixed by usr- - document default rules and explain integration of default rules generated by other subsystems - document PF_USER_LIST_% - fix documentation of icmp (we use echo-request instead of 8) - fix regular expressions to allow limit match - number fwrules.pre script to enforce ordering - fwrules.pre.* -> fwrules.pre[0-9][0-9][0-9].* - for the time being we support the old names too, but give higher precedence to the new ones - add support for user-comments for filter rules by adding *_COMMENT variables to filter configuration - filter out comments and empty lines in template files, since otherwise this leads to empty restrictions during template instantiations - introduce check_rule and portfw_check_rule which may be used to check netfilter rules by actually adding them to special chains and deleting them again - introduce recent match support - build adds now the follow variables to rc.cfg FLI4L_BUILDDATE FLI4L_BUILDTIME FLI4L_VERSION These variables will be used by opt_recover to display version information - add typhoon to list of drivers - remove references to /etc/prep - introduced arp ping - upgrade to busybox 1.5.1 - wrap deprecated utilities (ifconfig, route for now) - interface configuration - remove alias names (ethx:y); add eth10-99 - allow different networks on the same interface (but show a warning) - prevent different dmz types on the same interface - pppoe daemon ignores SIGTERM, we send HUP to pppd instead - fix handling of foreign kernel archives - to be able to handle upper case file names we renamed files with upper cases in them - to be able to use kernels from different distribution we have to translate our naming convention back to the normal one - rename inittab to make it selectable - console is a special device which does not support job control and therefore does not support ctrl C on the console - therefore we can not run a shell directly on the console and have to select an inittab pointing to a real device - add DNSDHCP_RANGE_x_DNS_DOMAIN to set a diffrent domainname for dhcp-hosts - add HOSTS_EXTRA_N, HOST_EXTRA_x_NAME and HOST_EXTRA_x_IP to add extra host-information to hosts-file/dns-server, usefull to add a hosts outside the local domain 3.1.3: ------ 2007-06-03 - lanspezi -arwin - remove menu (aplies also to hd, tools and dsl) 2007-06-20 rresch - add /var/run/netdrivers.conf, it shows the devicename=kernelmodulname 2007-07 - upgrade to busybox 1.6.1 to get access to cttyhack - fall back to single inittab and use busybox cttyhack to guess and reopen the device behind /dev/console to get a real controlling device - deactivated tftp since it is not used anymore - upgraded dumpkeymap to 1.6.1 2007-08-18 - from bernard charrier - documentation translated into the french language added 3.1.4: ------ 2007-09-09 lanspezi - update dnsmasq to version 2.40 2007-09-11 lanspezi - add pxe-boot-options base on a idea from Christoph Fritsch 2007-09-17 - enable iptables ipv6 support - upgrade iptables to 1.3.8 - upgraded busybox to 1.7.1 - fixed arping options (-i versus -I) 2007-09-29 arwin - update syslinux to v3.52 2007-10-10 - upgraded to 1.7.2 + patches to integrate ip tunnel parameter parsing problem fix 2007-10-17 lanspezi - add OPT_LOGIP - logging of wan-ip 2007-11-17 babel - update iproute2 tools to 2.6.23 2007-12-15 tobig - handle "disk full" errors in mkfloppy.sh - also try cdrkit if cdrtools are not found (genisoimage vs. mkisofs) 2007-12-20 - upgraded busybox to 1.8.2 + patches (arping, static, vi) 3.3.0: ------ 2008-01-02 - fix creation of redirect access chain - documentation missing 2008-01-15 babel - add check for cttyhack 2008-01-20 arwin - update syslinux to 3.60 2008-01-29 arwin - update lzma.exe to 4.57 2008-02-14 lanspezi - update dnsmasq to 2.41 2008-02-19 witchdoc - update sysklogd to 1.5 2008-02-28 - move pxe config to range and host section, now its possible to set subnet or host specific pxe config options 2008-03-18 - introduce PF_LOG_LEVEL and PACKETFILTER_LOG_LEVEL (still undocumented) - add trailing space to packet filter log prefix 2008-03-27 arwin - spanish translation of windows build by Maik Adryan 2008-03-28 - fix creation of syslog target directories - add dmz_green_dev to allow declaration of devices as part of the green world - introduce mark match and target to allow marking and matching on marks 2008-04-22 lanspezi - update AutoIt to 3.2.10.0 2008-06-13 - remove DEBUG_LOG and replace it with LOG_BOOT_SEQ, which captures all boot messages, not only messages in debug mode 2008-08-13 arwin - some fixes for apple build as suggested in spline.fli4l by Klaus Rüsch 2008-08-13 - upgrade busybox to 1.11.1 + patches - enable "nice" applet - upgrade iptables to 1.4.1.1 - remove PF_ORIG_CONFIG, selection now depends on PF_NEW_CONFIG only 2008-09-28 arwin - update syslinux to 3.72 2008-10-05 lanspezi - move Hostnames, DNS- and DHCP-configuration to new Package "DNS_DHCP" 2008-10 - add dhcp as possible value for IP_NET_x - empty IP_NET_x_DEV not possible anymore, use dhcp and IP_NET_x_MAC if you want to set the mac address for a dhcp client - remove all devices from if: restriction in packet filter config, use references to IP_NET_x_DEV instead - fix portfw setup - if a mixture of static and dynamic rules was used, the dynamic rules always ended up in front of the static rules, which lead to problems if the order of rules was important - fix template reordering - if someone used ins_rule with a template, the rules were added in inverse order (compared to add_rule) 2008-11 - check dmz definitions - make sure, there is exactly one orange device - check orange device at runtime: disable dmz if there is no orange device 3.3.1: ------ 2008-11-28 arwin - update netcat to patch level 32 2008-11 - fix handling of access rules for portforwarding, otherwise rules added via web interface would not work 2008-12-23 babel - change ip_up_events default to no 3.3.2: ------ 2009-02-22 lanspezi - add SYSLOGD_ROTATE and SYSLOGD_ROTATE_DIR - easy rotating of syslog-files every day 2009-03-01 babel - add support for IDE probe_mask for kernel >= 2.6.28 3.4.1: ------ 2009-05-07 lanspezi - add service-restart to rc325.syslogd, check for running syslogd_rotate_cron.sh 2009-05-08 arwin - fix bug in rc325.syslogd 2009-05-08 arwin - update loadkeys and keymaps to v1.15 2009-05-14 lanspezi - fix bug in syslogd_rotate.sh - kill prozess 2009-05-15 rresch - intruduce new ext-script variable to be able to set kernel commandline parameters from within ext scripts 2009-05-25 - mkfli4l checks for opt/.txt, opt/_.txt and opt/_.txt; it uses '_' instead of '.' 2009-06-10 - upgrade busybox to 1.14.1 - enable mdev, blkid, findfs, mount by label or uuid - use mdev to populate /dev 2009-06-13 abe - deleted variables: POWEROFF_ON_HALT, REALMODE_POWER_OFF - added variable: POWERMANAGEMENT='none|acpi|apm|apm_rm' - new variable POWERMANAGEMENT toggles between powermanagement interfaces, since the newer kernel > 2.6.16.62 use ACPI per default - busyboy halt command isn't anymore remapped to poweroff. use poweroff instead to power down the router. - as usual, documentation is pending, waiting for feedback 2009-06-15 - re-introduce device creation in /etc/rc, since mdev is not able to create all needed devices 2009-06-29 abe - added optional variables: OPT_ADDMODULES, ADDMODULES - introduce opt ADDMODULES which is intended for debugging and testing purpose. The opt adds kernel modules to the opt archiv and loads the modules at boot time; see rc.100addmodules ADDMODULES contains the vertical slash '|' separated modules and parameter list; e.g.: ADDMODULES='processor|thermal|w83627hf addr=x00djhd|eeprom' - as usual, documentation is pending, waiting for feedback 2009-07-01 abe - throw away lsmod script and activate feature 'lsmod' in bb config 2009-07-02 abe - fix busybox.mk: config var name has changed - introduce new busybox images: + fd-busybox is the smallest one, with minimal features enabled + hd-busybox has additional tools for hd-install enabled + busybox contains all features of the two above plus some extra-features and eye-candies. - deleted tools in package hd: fdisk, hdparm, mkdosfs; 3.5.0: ------ 2009-07-04 rresch - removed last parts of kernel-2.4 support files 2009-07-04 arwin - update windows/lzma.exe to v4.65 2009-07-22 babel - add adjtimex and hwclock 2009-07-27 babel - add lua scripting language 2009-07-27 - add DEBUG_MDEV variable, 'yes' enables debug output of mdev (default) 2009-09-07 - remove default values for debug variables - enforce read order for config files (_fli4l.txt, base.txt, dns_dhcp.txt) to ensure, that certain variables are present before other packages are read - this is only a temporary fix - it will be replaced by a different check strategie which first reads all packages and then executes the checks 2009-11-09 arwin - update syslinux to v3.83 2009-11-30 arwin - add variable for a comment with portforwarding 2009-12-19 arwin - update syslinux to v3.84 2010-01-06 tobig - update cygwin (Windows build) to v1.71 (this implies, that Windows build does not run with Win9x any longer) 2010-02-21 arwin - update syslinux to v3.85 2010-04-15 arwin - update syslinux to v3.86 2010-05-04 - drop invalid packets in forwarding chain, otherwise private ip addresses might leak out 2010-06-10 - debug_ipup now also activates debugging in ip-down - added debug_ip - traces all invocations of the ip command - added debug_keep_bootlogd, leaves bootlogd alive to get a nice trace of all messages written to the console - unify ip-up/ip-down locking/tracing logic - upgrade busybox to latest stable (1.16.2) 2010-08-09 babel - add intel igb network drivers 2010-10-10 arwin - update syslinux to v4.03-pre4 2010-10-13 arwin - update syslinux to v4.03-pre5 2010-10-19 arwin - update adjtimex to v1.29 2010-10-23 arwin - update syslinux to v4.03 2011-02-16 babel - include biosdevname for testing purposes, see http://domsch.com/blog/?p=455 2011-03-16 arwin - update cygwin to v1.7.8-1 2011-04-15 kristov - added IPv6 support commands 3.6.0: ------ 2011-04-29 - release of stable version 3.6.1: ------ 2011-05-04 rresch - add drivers atl1 and atl2 to list of selectable nic-drivers 2011-05-30 lanspezi - move list of nic-drivers from config/base.txt to extra file (config/base_nic.list) 2011-09-05 arwin - update syslinux to v4.04, add syslinux64.exe 2011-09-06 sklein - update of hd-pre-install 3.7.0: ------ 2011-12-12 arwin - update syslinux to v4.05 2012-01-04 babel - update busybox to 1.19.3 2012-04-06 kristov - mkfli4l: library dependency checking for all supported platforms implemented (formerly, a script was used which didn't run under Windows) - mkopt.{sh,au3}: special handling of mylib/mybin removed as it's not used by the team packages (and it's not documented either) 2012-04-07 kristov - from now on, all kernel modules have to use the correct suffix '.ko'; the old compatibility glue for kernels < 2.6 has been removed 2012-04-10 kristov - mkfli4l: now built with MinGW toolchain and does not depend on Cygwin environment anymore 2012-04-11 kristov - HOSTS_GLOBAL functionality removed from mkfli4l; simply put your entries into /etc/hosts.global instead 2012-04-21 kristov - kernel version detection changed: kernels 3.x.y are now correctly parsed as kernel_major=3.x and kernel_minor=y instead of kernel_major=2.6 and kernel_minor=40+x; please update your kernel version checks accordingly! 2012-04-27 kristov - archive generation (with the exception of compressing them) moved into mkfli4l; gen_init_* tools are not needed anymore and have been removed 2012-05-11 kristov - COMPRESS_KERNEL variable ('yes' or 'no') introduced, COMP_TYPE_KERNEL removed; use COMPRESS_KERNEL to choose between a compressed and an uncompressed kernel - COMPRESS_ROOTFS and COMPRESS_OPT ('yes' or 'no') introduced; use these variables to enable or disable the compression of the ROOTFS or OPT archive, respectively - COMPRESS_OPT='yes' is disallowed for boot types 'cd' and 'cdemul' and COMPRESS_ROOTFS='yes' is disallowed for boot type 'cd'; the OPT archive has always been uncompressed when using 'cd' or 'cdemul' but it was not possible to explicitly disable compression until now - COMP_TYPE_ROOTFS replaced by COMP_TYPE_ROOTFS_ and moved to the kernel packages; these variables may be defined to change the compression algorithm for the ROOTFS 2012-05-28 kristov - must use a numeric value for orange_dev (thanks to Sebastian Just for catching this) [22048] 2012-05-30 kristov - When building the configuration, a UUID can be supplied in FLI4L_UUID. This UUID can later help to associate the online configuration on the router with the build configuration on disk. If no UUID is found, it will be generated on the router and can finally be copied from the Web interface into config/base.txt. [22078] 2012-05-30 rresch - haveged daemon added to improve generation of random numbers (entropy pool) [22083,22087] 2012-06-03 kristov - mkfli4l: added precompiled binaries for x86-64 Linux platform [22133] 2012-06-08 kristov - disk drive names are not limited to sda-sdd and hda-hdd anymore [22219] 2012-06-09 rresch, kristov - A directory with the UUID in its name will be used as persistent storage for packages which need this. For example, IMOND_LOG or LOGIP will use this. [22161,22206-10,22212-14,22216-17,22245,22247-50,22254-59] 2012-06-09 lanspezi - mkfli4l-GUI updated to new abilities of command-line mkfli4l backend [22241-2] 2012-06-10 lanspezi - now the maximum number of rotated syslog files is configurable [22261] 2012-06-26 kristov - OPTs are disabled by default in check/base.txt, but in the default configuration, they are commented out having the value 'yes', such that the activation of an OPT is simply done by removing the leading '#' [22745] 2012-06-30 kristov - mkfli4l: fix deep dependency bug when a variable depends on OPT_1 which depends on OPT_2 and where neither OPT_1 nor OPT_2 are explicitly set (but where both have default values) [22541] - mkfli4l: fix build when no checks are run [22543] 2012-07-01 kristov - all change logs are now UTF-8 with BOM [22550] - mkfli4l: can now handle UTF-8 encoded files [22555] - all check files are now UTF-8 with BOM [22556] 2012-07-04 rresch - nolapic and noapic parameters removed from the kernel command line [22599] 2012-07-05 kristov - PPPOE_CIRC_N depends on OPT_PPPOE_CIRC, not on OPT_PPPOE [22608] - COMP_TYPE_ROOTFS_ variables now accept a more general kernel version (e.g. 3.2 instead of 3.2.18) [22618-9] 2012-07-06 kristov - mkfli4l: link against libiconv on Darwin [22622] 2012-07-07 rresch - The default kernel version has been changed to 3.2.x. [22647] 2012-07-10 lanspezi - arping logs now to syslog if a host changes its state between reachable and not reachable [22671,22676-7,22680] 2012-07-10 kristov - image generation on Windows corrected when using 'cd' and 'cdemul' boot types [22672] 2012-07-16 kristov - setserial moved to /usr/bin 2012-07-20 lanspezi - add message for rotating syslog files on shutdown or reboot [22881] 2012-07-20 kristov - fixed unpacking OPT image when using COMPRESS_OPT='no' [22883-6] 2012-07-24 kristov - mkfli4l now correctly generates Unix line endings (LF only) when creating syslinux.cfg under Windows [22950] 2012-08-05 kristov - fixed a bug where mkfli4l.sh would abort silently on configuration directories of a certain length (thanks to Harvey for reporting) [23209] 2012-08-07 kristov - arguments passed by pppd are now logged [23246] - ip-up-down code (especially default route and gateway detection) overhauled [23247], [23255-7] - ip-up and ip-down events are now generated for Ethernet-only routers with a default route [23264,23266,23270-1] 2012-08-07 kristov - bootlogd logging daemon is now terminated earlier [23267,23269] 2012-08-07 kristov - syslogd and klogd are now provided by Busybox - SYSLOGD_RECEIVER is currently broken 2012-08-08 kristov - mkfli4l: invoke autoreconf if possible [23277,23313] 2012-08-12 rresch - ethtool added to BASE in order to deactivate hardware VLAN tag support on e1000 [23355-6] 2012-08-13 kristov - crlf-test.txt moved to opt/etc [23380] 2012-09-04 kristov - mkfli4l: GNU regex library included to avoid crashes on OS X 10.8.1 - included 64-bit Mac binaries for OS X 10.8 [23553] 2012-09-05 kristov - disallow IPv6 addresses in DNS_FORWARDERS if OPT_IPV6='no' [23566] 2012-09-06 kristov - the check that IPv6 addresses are only allowed in DNS_FORWARDERS if OPT_IPV6='yes' is now done at regex level [23567] 2012-09-06 kristov - mkfli4l: config.guess is now executable [23578] 2012-09-07 kristov - mkfli4l: zlib updated to 1.2.7, xz updated to 5.0.4, libregex now identical for all platforms [23607] 2012-09-15 kristov [23698] - libcapi20 [isdnutils] updated to 3.0.6 2012-09-19 kristov [23737] - haveged updated to 1.5 2012-09-30 kristov [23791] - when POWERMANAGEMENT=acpi, acpid is started such that the router shuts down properly when an ACPI power button event is received 2012-09-30 kristov [various changesets in separate branch] - eventually switched to new FBR - busybox updated to 1.19.4 - adjtimex updated to 1.29 patchlevel 2.2 - iproute2 updated to 3.1.0 - iptables updated to 1.4.12.2 - libpcre updated to 8.20 - libusb updated to 0.1.3/1.0.8 - lm-sensors updated to 3.3.1 - net-tools (arp/netstat) updated to 1.60 patchlevel 24 - rng-tools (rngd) updated to 3 - setserial updated to 2.17 patchlevel 45.2 - sysklogd (syslogd/klogd) updated to 1.5 patchlevel 6 - sysvinit (bootlogd) updated to 2.88 2012-09-30 kristov [23795] - fixed a potential race condition when creating /dev/rtc 2012-09-30 kristov [23800] - iptables updated to 1.4.15 - conntrack-tools updated to 1.2.2 2012-10-03 kristov [23860] - let mdev create /dev/rtc and /dev/bus/usb/* nodes - various small improvements in /etc/mdev.conf which should not have any bad effects (e.g. /dev/loop/loopX renamed to /dev/loop/X) 2012-10-04 kristov [23865] - mkfli4l: fix rebuild when cross-compilers lie around in /usr/bin 2012-10-06 kristov [23894] - fixed some race conditions in Busybox's mdev 2012-10-07 kristov [23897] - re-added ability to send syslog messages to another host 2012-10-07 kristov [23904] - mdev: fixed handling of uevent "holes" which sometimes occur 2012-10-07 kristov [23909] - mdev: fixed firmware loading 2012-10-08 kristov [23933] - ethtool updated to 3.6 2012-10-08 kristov [23935] - enable core dumps if DEBUG_ENABLE_CORE='yes' 2012-10-19 kristov [24085] - search for complete driver names when unloading modules 2012-10-21 kristov [24111] - make SYSLOGD_RECEIVER='yes' work again 2012-10-22 kristov [24112], [24115] - beautify login intro (centre line when starting with '%c'), include the hostname ('%h') 2012-10-25 kristov [24131] - wait a bit longer until mdev has created the first device nodes 2012-10-27 kristov [24163] - removed old packet filter configuration 2012-10-31 kristov [24204] - size limit for accepting ICMPv4 echo packets by the firewall is now configurable (PF_INPUT_ICMP_ECHO_REQ_SIZE); the default has been rised to 150 bytes as 100 bytes is not always sufficient for liboping as used by collectd (package rrdtool) 2012-10-31 kristov [24212] - differentiate between IPv4 and IPv6 addresses in lookup_name() 2012-10-31 kristov, rresch [24214] - create device nodes under /dev/bus/usb/ also for USB devices behind hubs 2012-11-02 kristov [24249] - mkfli4l: optional undefined variables are now completely left out from the generated configuration 2012-11-02 roland [24250] - update to libfuse2.9.2 2012-11-08 kristov [24255], [24278] - there is now a provides/depend relation between the base package and the configured kernel package; this helps to recognize if the necessary config/kernel_*.txt file is missing 2012-11-08 kristov [24280] - evss_netlink now logs to local3 facility in order to not collide with messages from the PPP daemon 2012-11-10 kristov [24289] - seamless XZ decompression integrated into Busybox 2012-11-10 kristov [24291] - XZ compression is now allowed for the OPT archive; make it the default compression algorithm for the OPT archive - when extracting the OPT archive, the progress display has changed: now a dot is written for every 50 files extracted 2012-11-10 kristov [24292] - pipe_progress utility removed from Busybox as it is not used anymore 2012-11-11 kristov [24299] - fixed XZ compression support 2012-11-11 kristov [24302] - compression restrictions for 'cd' and 'fd.*' boot types removed 2012-12-15 rresch - base now auto-loads ide and sata drivers and can boot from this devices without package hd 2012-12-16 kristov - acpid updated to 2.0.17 - conntrack-tools updated to 1.4.0 - e2fsprogs updated to 1.42.6 - iptables updated to 1.4.16.3 - iproute2 updated to 3.6.0 - curl updated to 7.27.0 - libglib2 updated to 2.30.3 - libnetfilter_conntrack updated to 1.0.2 - libnetfilter_cthelper updated to 1.0.2 - new libraries libnetfilter_cthelper and libnetfilter_queue - libnfnetlink updated to 1.0.1 - libnl updated to 3.2.14 - lm-sensors updated to 3.3.3 - openssl updated to 1.0.1c - pcre updated to 8.31 - samba libraries updated to 3.6.9 - wget updated to 1.14 2012-12-18 rresch - base auto-loads virtio and xen storage and network drivers (used by virtualbox, qemu, kvm and xen) 2012-12-27 rresch - make libata dma disable configurable 3.10.1: ------- FFL-155: Dokumentation für pxeboot überarbeiten FFL-184: Entwickler-Dokumentation für fli4l 3.10 überarbeiten FFL-241: Firewall-Regel-Problem bei nicht vorhandener Schnittstelle ppp0 FFL-242: Verallgemeinertes _.txt System FFL-243: Behandlung von Bibliotheken (libs) verbessern FFL-245: NIC-Datenbank mittels niclist.sh generieren lassen FFL-252: Nach dem Rotieren von Syslog-Dateien werden die Dateien beim Protokollieren nicht neu angelegt FFL-253: Paketfilter negation führt zu Fehler bei iptables FFL-259: Feste Integration von xen-hd/net/virtio-hd/net Treibern in -virt Kernel FFL-260: do_modprobe und do_modprobe_if_exists mit quiet option FFL-266: Einbau von ocf-linux. FFL-267: ARP-Tabelle unbrauchbar mit Kernel >= 3.6 FFL-269: Netzwerkkarten- und USB-Treiber fehlen in Kernel 3.7 FFL-281: Überarbeitung der französischen Doku FFL-297: mkfli4l liefert falsche Fehlermeldung FFL-298: Anpassung von iptables-Regeln für neue Kernel FFL-312: Conntrack-Tabelle leeren wenn ein "Netzwerkereignis" aufgetreten ist FFL-324: ip-Tool zweimal vorhanden FFL-331: "hwclock --systohc" gibt bei Kernel 3.7 Fehlermeldung beim Herunterfahren aus FFL-332: Treiber ata_piix verhindert auf mancher Hardware das Booten FFL-338: COMPRESS_KERNEL auch für CD aktivierbar machen FFL-340: Telmond Restart braucht zu lange FFL-346: Uncompressed Kernel entfernen FFL-347: LZMA/XZ-Kompression verbessern FFL-349: Package HTTPD - konfigurierbare Hosts vom arping-check ausschliessen FFL-354: [mkfli4l.sh] Additional actions falsche Hinweise nach Übertragung des systems FFL-355: [mkfli4l.sh] hd.cfg wird nicht richtig/vollständig erstellt FFL-356: kernel 3.7.x ACPI-Fehlermeldung in dmesg FFL-374: virtio-net wird als NET_DRV akzeptiert, führt später jedoch zum Build-Abbruch FFL-377: Syslinux beachtet Timeout nicht mehr und wartet 'ewig' auf einen Tastendruck FFL-380: [src] Überflüssige Datei im buildroot - package/sqlite/ FFL-382: [Wunsch] utf8-Unterstützung für libpcre FFL-388: mkfli4l.sh sollte auch unter Cygwin korrekt funktionieren FFL-407: Dynamische Firewall FFL-414: Support für Floppy entfernen FFL-420: DNS-Probleme mit uClibc FFL-423: Unkomprimierte RootFS- und OPT-Archive sollen entfallen FFL-424: diverse Fehler im Webgui nach Umstellung von nativen Tools auf die entsprechenden BusyBox-Varianten und umgekehrt FFL-431: mkfli4l.exe stürzt ab FFL-446: Angleichung und Überarbeitung des IPv4- und IPv6-Firewall-Codes und Einbau von IPv6-NAT FFL-447: Unterstützung für die OUTPUT-Kette fehlt im Paketfilter FFL-452: Der Paketfilter sollte mit echten Hostnamen umgehen können FFL-453: LAN/WLAN Treiber berichtigen und ihrer Funktion nach zuordnen FFL-465: IPv6-Dialup via PPPoE FFL-475: Weitere conntrack Helper (wie z.B. sip, h323) einbinden FFL-477: log_*-Funktionen ignorieren Farben, wenn die Aufrufe aus verschachtelten Skripten kommen FFL-481: tool netcalc um ipv6 Support erweitern FFL-483: Firewall-Regeln mit tmpl: und BIDIRECTIONAL führen ggf. zu nicht beabsichtigtem Verhalten FFL-485: Im Paketfilter kann man 'dynamic' weder in der PREROUTING_CT- noch in der OUTPUT_CT-Kette nutzen FFL-487: Port-Weiterleitung mit dynamischer Firewall umsetzen FFL-492: Teil-Paket PORTFW optionalisieren für spätere Entfernung FFL-499: fli4lctrl unterstützt keine Ethernet-Schnittstellen FFL-500: Beim Herunterfahren des DHCP-Clients werden die PPP-Skripte immer mit is_default_route='no' ausgeführt FFL-501: pppd wählt immer ein, auch mit DIALMODE='manual' oder 'off' FFL-511: IPv6 Route in OpenVPN kollidiert mit IP_ROUTE_x aus der base.txt FFL-513: Regeln im VPN Tunnel werden nicht richtig angelegt FFL-519: Piepton vor RECOVER Menü FFL-572: Bibliothek mysql_client in das Paket base aufnehmen FFL-595: Vereinheitlichung von mkfli4l.conf und mkfli4l.txt FFL-598: STUN client für fli4l bereitstellen FFL-603: ACPI-Voreinstellungen ändern FFL-612: Beim Shutdown werden die Interfaces nicht richtig enumeriert FFL-616: Die Option "--no-squeeze" in mkfli4l reparieren FFL-621: Firewall nutzt falschen Test für Prüfung, ob Host-Name existiert FFL-626: nach Update auf OSX 10.9 läuft mkfli4l nicht mehr und baut auch nicht FFL-627: LIBATA_DMA umbennen für bessere Verständlichkeit FFL-646: Formatierung der Quellen von "netcalc" anpassen FFL-648: mkfli4l analysiert ELF-Dateien über die ELF-Sections und nicht über die ELF-Segmente FFL-649: mit Kernel > 3.9.x führt ein arping nicht zu einem Eintrag in die ARP-Tabelle des Kernels FFL-654: Initialisierung von Verzeichnis für persistente Daten beim Booten problematisch FFL-667: Variable BUILDDIR in config/mkfli4l.conf für Windows und UNIX-Build in zwei getrennt VARS auftrennen um Windows und Unixpfade parrallel zu hinterlegen FFL-668: fli4l bootet nicht, wenn das Bootmedium nicht sauber ausgehängt wurde FFL-687: Loggen der Ereignisse "boot finished" sowie "remoteupdate" mit den entsprechenden Versionsinfos (revision,kernelversion) FFL-688: Die syslog-Dateien werden beim Shutdown/Reboot nicht rotiert FFL-696: Fehlerhafter Dateiname bei Herrunterladen des WAN-IP-Protkolls FFL-703: Unterstützung für batch Verarbeitung für mkflil.sh (nicht auf Eingaben warten) FFL-729: COMP_TYPE_OPT optional machen und sinnvollen default definieren FFL-731: mkfli4l erzeugt defekte TAR-Archive, wenn die Pfade zu lang werden FFL-734: DMZ Einrichtung überarbeiten FFL-763: Entfernung überflüssiger Inhalte in packages/base/check/base.exp FFL-765: packages/*/check/* enthalten nicht mehr benutzte Definitionen und Variablen FFL-767: Regeln für "privoxy" in die Vorlage der Firewallregeln aufnehmen FFL-768: Einbindung von Treibern (insbesondere Netzwerktreibern) überarbeiten FFL-774: Ausgabe der verwendeten Architektur FFL-776: Busybox's "date" kennt kein %N FFL-790: Laden von Layer-3-spezifischen NAT-Helfermodulen schlägt fehl FFL-794: Firewall: NETMAP akzeptiert keine logischen Netze (IP(V6)?_x_NET) FFL-807: OpenSSL-Update auf 1.0.1g FFL-822: Neue Datei /etc/os-release FFL-829: Kombination von REJECT/DROP und LOG in Firewall-Regeln funktioniert nicht FFL-832: Booten von Festplatte funktioniert nicht richtig bei Medien, die mit alten fli4l-Versionen erstellt wurden FFL-844: Aktualisierung der Firewallregeln für jabber FFL-851: add_to_opt funktioniert nicht mit Wildcards FFL-872: Überarbeitung von provides/depends FFL-882: libtalloc.so und libtdb.so landen nicht im base-Paket FFL-887: ACPI Fehlermeldung auf WRAP (und vermutlich auch ALIX), winnet-pc680 (und evtl. auch -pc640) FFL-892: mkfli4l bildet einen Modulalias auf höchstens ein passendes Modul ab FFL-893: Wechsel der LTS-Kernel-Linie von 3.10.x auf 3.14.x FFL-903: Anpassung der Tools/Scripte zum automatisierten Download der Tarballs FFL-911: Programm "awk" im FBR bereitstellen FFL-955: Aktiviertes GRO (Generic Receive Offload) führt zu Geschwindigkeitseinbußen beim Routing FFL-960: mkfli4l.sh interpretiert das Argument hdinstallpath nicht korrekt FFL-961: top zeigt für cached und buffer Phantasiewerte an FFL-973: Fehler bei der Prüfung von Hosts im Paketfilter die mit @hostname referenziert werden FFL-983: Profile Datei erweitern FFL-985: flexiblere Nutzung von HOSTNAME_ALIAS_* in der base Konfiguration FFL-1005: Es gibt kein Firewalltemplate für NFS FFL-1007: Variable fli4l_mode in /.profile ist nicht verfügbar FFL-1035: base: readme.html sowie englischer Abschnitt in der readme.txt fehlen im fli4l-Basisdir FFL-1041: libgcc_s fehlt auf dem Router FFL-1055: remoteremount lässt sich nicht in mkfli4l.txt setzen FFL-1056: Fehlermeldung verweist auf nicht existentes Kapitel FFL-1063: proxmox in firewall template aufnehmen FFL-1121: mkfli4l soll Informationen über existierende Kernel anzeigen FFL-1126: Zugriff auf die Konfigurationsvariablen auf dem Router FFL-1149: Verbesserung der Funktionsweise von arping.sh in Bezug auf viele Hosts FFL-1160: OpenSSL-Update auf 1.0.1k FFL-1178: Build-Abbruch weil ausgewählter USB-Net-Treiber nicht in /check/base.exp sowie /opt/base.txt eingetragen ist 3.10.2: ------- FFL-756: Firewall generiert bei Verwendung von Templates falsche PREROUTING-Regeln FFL-1121: mkfli4l soll Informationen über existierende Kernel anzeigen FFL-1208: mkfli4l.bat sollte sich das zuletzt verwendete Configverzeichnis merken, wenn es über den Auswahldialog geändert wurde FFL-1220: Script zum automatisierten Download der Tarballs in der Linux-Version funktioniert nicht FFL-1244: Update Openssl auf Version 1.0.1m FFL-1321: DEBUG_MDEV='yes' funktioniert nicht FFL-1323: mdev: Umgebungsvariablen können nicht genutzt werden / netlink-Cleanup FFL-1331: bind: Update auf 9.9.7 FFL-1334: Syslog-Meldungen werden verschluckt FFL-1335: Erhöhung der Syslog-Zeilenlänge auf 1024 Zeichen FFL-1336: Win-Build: Remote-Hostname wird nicht bei einer Änderung des Config-Dir und nicht definiertem Wert in der mkfli4l.txt auf den Wert von Hostname gesetzt FFL-1339: Reentranzprobleme in do_insmod() und do_modprobe() 3.10.3: ------- FFL-394: Serielle Console bleibt hängen FFL-1406: mkfli4l kann unter Windows keine CONFIG_DIR-Dateipfade verarbeiten FFL-1407: mkfli4l: Nutzung von is...()-Funktionen verbessern FFL-1409: OpenSSL-Update auf Version 1.0.1o FFL-1414: Korrektur der englischen Ausgabe von check-bootfiles.sh FFL-1439: OpenSSL-Update auf Version 1.0.1p FFL-1449: Vereinheitlichung von Groß- und Kleinschreibung von mkfli4l 3.10.4: ------- FFL-828: Passwortlänge FFL-1334: Syslog-Meldungen werden verschluckt FFL-1456: Das Build-Script testet zu erstellende Firewall-Regeln nicht genau genug auf richtige Syntax, wenn LOG:PREFIX verwendet wird FFL-1470: Ergänzen der Dokumentation in Bezug auf die genauere Funktionsweise von DNS_FORWARDERS FFL-1487: DNS_LISTEN_% funktioniert nicht mit Ports FFL-1489: IPv6-Adressen mit Portangabe mehrdeutig in LISTEN_IP_PORT-Variablen 3.10.5: ------- FFL-1530: imond prüft Administrator-Passwort nicht erfolgreich FFL-1538: libpng: Sicherheitsupdate auf Version 1.6.19 FFL-1555: OpenSSL-Update auf Version 1.0.1q FFL-1573: "Restart-Build" - Button im Windowsbuild aktivieren FFL-1593: mkfli4l.sh: Option --batch bei --hdinstallpath ohne Effekt FFL-1614: OpenSSL-Update auf Version 1.0.1r FFL-1628: OpenVPN Inactivity timeout (--ping-restart) 3.10.6: ------- FFL-1648: OpenSSL-Update auf Version 1.0.1s FFL-1676: Firewalltemplate für Submission in Mail inkludieren 3.10.7: ------- FFL-1698: OpenSSL-Update auf Version 1.0.1t 3.10.8: ------- FFL-1777: OpenSSL-Update auf Version 1.0.1u FFL-1812: OpenSSL 1.0.1 durch Version 1.0.2 ersetzen 3.10.9: ------- FFL-1860: fli4l-tools können nicht mit GCC Version > 5 gebaut werden FFL-1862: OpenSSL-Update auf Version 1.0.2k 3.10.10: -------- FFL-1886: In HOSTNAME_ALIAS_x definierte Aliases werden nicht im WebGUI im DNS-Status angezeigt FFL-1909: mkfli4l (build) bricht bei Windows 10 (1703) mit Fehler ab FFL-1911: Buffer overflow in mkfli4l bei großen HOST_N FFL-1923: Linux Kernel Header auf die Version 3.16 anheben 3.10.11: -------- FFL-1912: Unterstützung für SixXS-Tunnel ausbauen FFL-1944: OpenSSL-Update auf Version 1.0.2l 3.10.12: -------- FFL-1954: Groß-/Kleinschreibung Paketfilter-Templates FFL-1992: Behandlung des Ergebniscodes in service-restart.sh fehlerhaft FFL-2000: Wrapper-Skript produziert merkwürdige Fehlermeldungen FFL-2006: OpenSSL-Update auf Version 1.0.2m FFL-2022: OpenSSL-Update auf Version 1.0.2n FFL-2029: Paketfilterregeln können keine IPv6-Adressen verarbeiten, die mit a-f beginnen FFL-2030: Tests für die IPv4- und IPv6-Paketfilter werden nicht sauber getrennt FFL-2035: Angaben zur Kernel Version in der Doku sollen patchlevel enthalten FFL-2039: Downloadskripte an neue Server anpassen FFL-2040: opt_stunnel PF-Regeln ermöglichen unerlaubten Zugriff