WebSVN – ALCASAR – Diff – /CHANGELOG

-# $Id: CHANGELOG 786 2012-01-02 22:50:31Z richard $
+# $Id: CHANGELOG 790 2012-01-12 23:23:59Z richard $
 ************  CHANGELOG ***********
 ---- svn ----
+---- 2.5 ----
+Bug
-- Bug : watchdog release the ip address of macallowed equipment (insteed of logout the user)
+	- watchdog (and script alcasar-logout.sh) doesn't logout the macallowed addresses
-- Bug : reading of alcasar.conf file parameters more securely
+	- reading of alcasar.conf file parameters more securely
-- Bug : don't download RPMs twice
+	- don't download RPMs twice
-- Bug : allow connexion to an LDAP server on WAN side
+	- allow connexion to an LDAP server on WAN side
-- Bug : don't disconnect user in some case (when the equipment is authenticated with Mac adresse)
-- Bug : control that watchdog can't execute if already running
+	- control that watchdog can't execute if already running
-- Core : allow FTP in output
+	- allow FTP in output
+Improve Core
-- Core : new alcasar-iptables.sh script (more logically strutured)
+	- new alcasar-iptables.sh script (more logically strutured)
-- Core : update phpsysinfo page ("Internet access flag" nom show the right status)
+	- update phpsysinfo page ("Internet access flag" nom show the right status)
-- Core : Authenticate user on Mysql when LDAP server is down
+	- Authenticate user on Mysql when LDAP server is down
-- Core : import users via text file with or without password
+	- import users via text file with or without password
+Improve security
-- Security : The 8080 (TCP) and 53 (UDP) ports are now hidden on Lan side
+	- The 8080 (TCP) and 53 (UDP) ports are now hidden on Lan side
+	- ANSSI code review (sql escape string)
+	- remove the apache unused modules
+Improve installation
-- Install : control eth0 config on startup (no dhcp)
+	- control eth0 config on startup (no dhcp)
-- Install : don't dowload the last BL version
+	- don't dowload the last BL version
+	- remove unused RPM before update the system
+Improve Alcasar Control Center (ACC)
+	-
 ---- 2.4 ----
 - Bug : some minor bugs (log rotate, intercept page, squid, ...)
 - Bug : ACC - correction of the Internet connectivity test flag
 - Bug : ACC - correction of the network filtering flag
 - Bug : core : ip filtering exception changes doesn't active protocols exception filter
 - Core : update with the last version of Coova (1.2.8)
 - Core : End of implementation of ANSSI rules for netfilter
 - Core : allow exception of IP addresses (or network addresses) in the authentication process
 ---- 2.2 ----
-- blacklist category "ip" is added for url that contains ip address (no domain name)
+- blacklist category "ip" is added for url that contains only an ip address (no FQDN)
-- IP parameters can be change in central conf. Apply then with the script "alcasar-conf.sh -apply"
+- IP parameters can be change in central conf file. Apply with the script "alcasar-conf.sh -apply"
 - 'alcasar-nf.sh' and 'alcasar-bl.sh' scripts now use the global parameters file (alcasar.conf)
 - allow LDAP/AD connections both on WAN and LAN servers
 - Add a LDAP connectivity test
 - possibility to redirect users on a specific URL after login process
 - A bug with "sudo" is bypassed
 - inclusion d'un fichier 'alcasar-dns-name' permettant de définir des associations @IP <--> DNS par Dnsmasq
 - qq bugs mineurs (ntpd, adresse coova 1.0.0.0, etc.)
 ---- 2.0 ----
 - mise à jour de la documentation technique
-- rajout des switchs en '--' pour remplacer les '-' des scripts
+- ajout des switchs en '--' pour remplacer les '-' des scripts
 - accès authentifié à la la page de garde du centre de gestion
 - Prise en compte du script "alcasar-iptables-local.sh" dans le cadre du ByPass
 - Prise en compte des catégories de la BL dans l'interface de gestion
 - prise en compte par le watchdog de la redirection usager si panne eth0 ou panne default-gw
 - Simplification de la procédure de mise à jour

Subversion Repositories ALCASAR

(root)/CHANGELOG @ 790 – Rev 786 → 790