9,7 → 9,7 |
- The WhiteList architecture is enabled |
- All the documentation has been translated in english |
- The security certificate is now signed in sha256 |
Core improuvments |
Core improvements |
- HAVP doesn't scan youtube flows (too heavy load / no risk) |
|
---------------------- 2.6.1 ----------------- |
31,12 → 31,12 |
- "activity.php" : don't print "private_ip_address". Update with new "chilli_query" output |
- re-activation of COA between radius and coova (radius disconnect the users directly). |
- the "url-redirect" attribute now works fine (coovachilli V.1.2.9-1) |
Core improuvments |
Core improvements |
- all "alcasar.info" becomes "alcasar.net" in code |
- change the order of http chain (DG --> squid --> HAVP --> Internet) more réactivity and less charge of CPU |
- Dansguardian deny domains when requested via proxy http |
- The database is checked (and repair) every week |
Improve security |
security improvements |
- The blacklist is now verified before activating (ANSSI need) |
- The school/parental control can now filter search engines (google, bing, yahoo, matacrowler, etc.) and Youtube |
News |
66,13 → 66,13 |
- allow FTP in output |
- eth1 is no more configured. Tun0 works better (only one arp cache) |
- modoarchive is deleted (too many bugs and too hard to debug) |
Improve Core |
Core improvements |
- new alcasar-iptables.sh script (more logically strutured) |
- update phpsysinfo page ("Internet access flag" nom show the right status) |
- Authenticate user on Mysql when LDAP server is down |
- import users via text file with or without password |
- last version of coova-chilli |
Improve security |
security improvements |
- The 8080 (TCP) and 53 (UDP) ports are now hidden on Lan side |
- ANSSI code review (sql escape string in PHP) |
- remove the apache unused modules |
79,7 → 79,7 |
- the blacklist is no more update automaticly |
- postfix banner is more secure |
- anonymisation of squid (+ remove of 'x_forwarded' rule) |
Improve installation |
installation improvements |
- control eth0 config on startup (no dhcp) |
- don't download the last BL version |
- remove unused RPM before update the system |
104,10 → 104,10 |
Bugs |
- group properties are now written on the voucher |
- hold the state of network filter when update |
Core improuvments |
Core improvements |
- simplify official certificate import process |
- update with the last version of Coova (1.2.8) |
Improve security |
security improvements |
- end of implementation of ANSSI rules for netfilter |
News |
- allow exception of IP addresses (or network addresses) in the authentication process |
118,14 → 118,14 |
- A bug with "sudo" is bypassed |
- improve the script which display and close users open sessions |
- some minor bugs |
Core improuvments |
Core improvements |
- add a central conf file (/usr/local/etc/alcasar.conf) |
- IP parameters can be change in central conf file. Apply with the script "alcasar-conf.sh -apply" |
- 'alcasar-nf.sh' and 'alcasar-bl.sh' scripts now use the global parameters file (alcasar.conf) |
- improve the script which managed the trusted sites and urls |
Improve security |
security improvements |
- close all accounting session when the system goes down or up |
Improve install process |
installation process improvements |
- allow change of alcasar IP private address during install stage |
- no more question, when upgrating |
News |