2,21 → 2,29 |
|
************ CHANGELOG *********** |
---- svn ---- |
- Bug : watchdog release the ip address of macallowed equipment (insteed of logout the user) |
- Bug : reading of alcasar.conf file parameters more securely |
- Bug : don't download RPMs twice |
- Bug : allow connexion to an LDAP server on WAN side |
- Bug : don't disconnect user in some case (when the equipment is authenticated with Mac adresse) |
- Bug : control that watchdog can't execute if already running |
- Core : allow FTP in output |
- Core : new alcasar-iptables.sh script (more logically strutured) |
- Core : update phpsysinfo page ("Internet access flag" nom show the right status) |
- Core : Authenticate user on Mysql when LDAP server is down |
- Core : import users via text file with or without password |
- Security : The 8080 (TCP) and 53 (UDP) ports are now hidden on Lan side |
- Install : control eth0 config on startup (no dhcp) |
- Install : don't dowload the last BL version |
|
---- 2.5 ---- |
Bug |
- watchdog (and script alcasar-logout.sh) doesn't logout the macallowed addresses |
- reading of alcasar.conf file parameters more securely |
- don't download RPMs twice |
- allow connexion to an LDAP server on WAN side |
- control that watchdog can't execute if already running |
- allow FTP in output |
Improve Core |
- new alcasar-iptables.sh script (more logically strutured) |
- update phpsysinfo page ("Internet access flag" nom show the right status) |
- Authenticate user on Mysql when LDAP server is down |
- import users via text file with or without password |
Improve security |
- The 8080 (TCP) and 53 (UDP) ports are now hidden on Lan side |
- ANSSI code review (sql escape string) |
- remove the apache unused modules |
Improve installation |
- control eth0 config on startup (no dhcp) |
- don't dowload the last BL version |
- remove unused RPM before update the system |
Improve Alcasar Control Center (ACC) |
- |
---- 2.4 ---- |
- Bug : some minor bugs (log rotate, intercept page, squid, ...) |
- Bug : ACC - correction of the Internet connectivity test flag |
38,8 → 46,8 |
- Core : allow exception of IP addresses (or network addresses) in the authentication process |
|
---- 2.2 ---- |
- blacklist category "ip" is added for url that contains ip address (no domain name) |
- IP parameters can be change in central conf. Apply then with the script "alcasar-conf.sh -apply" |
- blacklist category "ip" is added for url that contains only an ip address (no FQDN) |
- IP parameters can be change in central conf file. Apply with the script "alcasar-conf.sh -apply" |
- 'alcasar-nf.sh' and 'alcasar-bl.sh' scripts now use the global parameters file (alcasar.conf) |
- allow LDAP/AD connections both on WAN and LAN servers |
- Add a LDAP connectivity test |
81,7 → 89,7 |
|
---- 2.0 ---- |
- mise à jour de la documentation technique |
- rajout des switchs en '--' pour remplacer les '-' des scripts |
- ajout des switchs en '--' pour remplacer les '-' des scripts |
- accès authentifié à la la page de garde du centre de gestion |
- Prise en compte du script "alcasar-iptables-local.sh" dans le cadre du ByPass |
- Prise en compte des catégories de la BL dans l'interface de gestion |