Line 1... |
Line 1... |
1 |
# $Id: CHANGELOG 786 2012-01-02 22:50:31Z richard $
|
1 |
# $Id: CHANGELOG 790 2012-01-12 23:23:59Z richard $
|
2 |
|
2 |
|
3 |
************ CHANGELOG ***********
|
3 |
************ CHANGELOG ***********
|
4 |
---- svn ----
|
4 |
---- svn ----
|
- |
|
5 |
---- 2.5 ----
|
- |
|
6 |
Bug
|
5 |
- Bug : watchdog release the ip address of macallowed equipment (insteed of logout the user)
|
7 |
- watchdog (and script alcasar-logout.sh) doesn't logout the macallowed addresses
|
6 |
- Bug : reading of alcasar.conf file parameters more securely
|
8 |
- reading of alcasar.conf file parameters more securely
|
7 |
- Bug : don't download RPMs twice
|
9 |
- don't download RPMs twice
|
8 |
- Bug : allow connexion to an LDAP server on WAN side
|
10 |
- allow connexion to an LDAP server on WAN side
|
9 |
- Bug : don't disconnect user in some case (when the equipment is authenticated with Mac adresse)
|
- |
|
10 |
- Bug : control that watchdog can't execute if already running
|
11 |
- control that watchdog can't execute if already running
|
11 |
- Core : allow FTP in output
|
12 |
- allow FTP in output
|
- |
|
13 |
Improve Core
|
12 |
- Core : new alcasar-iptables.sh script (more logically strutured)
|
14 |
- new alcasar-iptables.sh script (more logically strutured)
|
13 |
- Core : update phpsysinfo page ("Internet access flag" nom show the right status)
|
15 |
- update phpsysinfo page ("Internet access flag" nom show the right status)
|
14 |
- Core : Authenticate user on Mysql when LDAP server is down
|
16 |
- Authenticate user on Mysql when LDAP server is down
|
15 |
- Core : import users via text file with or without password
|
17 |
- import users via text file with or without password
|
- |
|
18 |
Improve security
|
16 |
- Security : The 8080 (TCP) and 53 (UDP) ports are now hidden on Lan side
|
19 |
- The 8080 (TCP) and 53 (UDP) ports are now hidden on Lan side
|
- |
|
20 |
- ANSSI code review (sql escape string)
|
- |
|
21 |
- remove the apache unused modules
|
- |
|
22 |
Improve installation
|
17 |
- Install : control eth0 config on startup (no dhcp)
|
23 |
- control eth0 config on startup (no dhcp)
|
18 |
- Install : don't dowload the last BL version
|
24 |
- don't dowload the last BL version
|
- |
|
25 |
- remove unused RPM before update the system
|
- |
|
26 |
Improve Alcasar Control Center (ACC)
|
19 |
|
27 |
-
|
20 |
---- 2.4 ----
|
28 |
---- 2.4 ----
|
21 |
- Bug : some minor bugs (log rotate, intercept page, squid, ...)
|
29 |
- Bug : some minor bugs (log rotate, intercept page, squid, ...)
|
22 |
- Bug : ACC - correction of the Internet connectivity test flag
|
30 |
- Bug : ACC - correction of the Internet connectivity test flag
|
23 |
- Bug : ACC - correction of the network filtering flag
|
31 |
- Bug : ACC - correction of the network filtering flag
|
24 |
- Bug : core : ip filtering exception changes doesn't active protocols exception filter
|
32 |
- Bug : core : ip filtering exception changes doesn't active protocols exception filter
|
Line 36... |
Line 44... |
36 |
- Core : update with the last version of Coova (1.2.8)
|
44 |
- Core : update with the last version of Coova (1.2.8)
|
37 |
- Core : End of implementation of ANSSI rules for netfilter
|
45 |
- Core : End of implementation of ANSSI rules for netfilter
|
38 |
- Core : allow exception of IP addresses (or network addresses) in the authentication process
|
46 |
- Core : allow exception of IP addresses (or network addresses) in the authentication process
|
39 |
|
47 |
|
40 |
---- 2.2 ----
|
48 |
---- 2.2 ----
|
41 |
- blacklist category "ip" is added for url that contains ip address (no domain name)
|
49 |
- blacklist category "ip" is added for url that contains only an ip address (no FQDN)
|
42 |
- IP parameters can be change in central conf. Apply then with the script "alcasar-conf.sh -apply"
|
50 |
- IP parameters can be change in central conf file. Apply with the script "alcasar-conf.sh -apply"
|
43 |
- 'alcasar-nf.sh' and 'alcasar-bl.sh' scripts now use the global parameters file (alcasar.conf)
|
51 |
- 'alcasar-nf.sh' and 'alcasar-bl.sh' scripts now use the global parameters file (alcasar.conf)
|
44 |
- allow LDAP/AD connections both on WAN and LAN servers
|
52 |
- allow LDAP/AD connections both on WAN and LAN servers
|
45 |
- Add a LDAP connectivity test
|
53 |
- Add a LDAP connectivity test
|
46 |
- possibility to redirect users on a specific URL after login process
|
54 |
- possibility to redirect users on a specific URL after login process
|
47 |
- A bug with "sudo" is bypassed
|
55 |
- A bug with "sudo" is bypassed
|
Line 79... |
Line 87... |
79 |
- inclusion d'un fichier 'alcasar-dns-name' permettant de définir des associations @IP <--> DNS par Dnsmasq
|
87 |
- inclusion d'un fichier 'alcasar-dns-name' permettant de définir des associations @IP <--> DNS par Dnsmasq
|
80 |
- qq bugs mineurs (ntpd, adresse coova 1.0.0.0, etc.)
|
88 |
- qq bugs mineurs (ntpd, adresse coova 1.0.0.0, etc.)
|
81 |
|
89 |
|
82 |
---- 2.0 ----
|
90 |
---- 2.0 ----
|
83 |
- mise à jour de la documentation technique
|
91 |
- mise à jour de la documentation technique
|
84 |
- rajout des switchs en '--' pour remplacer les '-' des scripts
|
92 |
- ajout des switchs en '--' pour remplacer les '-' des scripts
|
85 |
- accès authentifié à la la page de garde du centre de gestion
|
93 |
- accès authentifié à la la page de garde du centre de gestion
|
86 |
- Prise en compte du script "alcasar-iptables-local.sh" dans le cadre du ByPass
|
94 |
- Prise en compte du script "alcasar-iptables-local.sh" dans le cadre du ByPass
|
87 |
- Prise en compte des catégories de la BL dans l'interface de gestion
|
95 |
- Prise en compte des catégories de la BL dans l'interface de gestion
|
88 |
- prise en compte par le watchdog de la redirection usager si panne eth0 ou panne default-gw
|
96 |
- prise en compte par le watchdog de la redirection usager si panne eth0 ou panne default-gw
|
89 |
- Simplification de la procédure de mise à jour
|
97 |
- Simplification de la procédure de mise à jour
|