From df5eeb7d1b18984e5882657382018a5c13b2ffaf Mon Sep 17 00:00:00 2001 From: Rob White Date: Wed, 14 Jun 2023 15:34:05 +0100 Subject: [PATCH] Update Changelog Signed-off-by: Rob White --- ChangeLog | 96 +++++++++++++++++++++++++++++++++++++++ docs/source/changelog.rst | 96 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 192 insertions(+) diff --git a/ChangeLog b/ChangeLog index 87d6837..b563627 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,99 @@ +opennds (10.1.0) + + * This version is a major upgrade including full migration to nftables + * and native uci configuration support even for generic Linux distributions. + * It also includes a significant refactoring of inbuilt memory management, + * improving long term reliability, fixing several memory leaks, buffer overflows and several edge case crashes. + * Fix - use get_list_from_config instead of get_option_from_config [bluewavenet] + * Fix - compiler warning - unused variable [bluewavenet] + * Fix - remove redundant function call ipsetconf [bluewavenet] + * Fix - walledgarden for both nftset and ipset on OpenWrt [bluewavenet] + * Add - more meaningful output if attempt is made to restart when already running [bluewavenet] + * Fix - resolve gatewayfqdn after startup [bluewavenet] + * Fix - Choose forground or background running according to commandline arguments [bluewavenet] + * Fix - remove superfluous debug message [bluewavenet] + * Fix - replace sleep with procd_set_param term_timeout [bluewavenet] + * Fix - make option enabled default to enabled [bluewavenet] + * Fix - report authmon pid instead of opennds pid from authmon [bluewavenet] + * Fix - ensure correct pid obtained for opennds [bluewavenet] + * Add - StartLimitIntervalSec and StartLimitBurst to systemd service script [bluewavenet] + * Fix - refactor remote downloads [bluewavenet] + * Fix - suppress error message on ipset test failure [bluewavenet] + * Fix - send non-syslog debug information to stdout by default [bluewavenet] + * Add - C function to check heartbeat watchdog [bluewavenet] + * Fix - Update generic Linux makefile [bluewavenet] + * Fix - remove redundant ruleset struct definition [bluewavenet] + * Fix - potential buffer overflow issue during config stage [bluewavenet] + * Fix - remove unnecessary calls to free() in page 404 processing [bluewavenet] + * Fix - remove redundant code from fw_iptables [bluewavenet] + * Add - updates to binauth_log script [bluewavenet] + * Add - updates for service startup, systemd and procd [bluewavenet] + * Add - refactoring of commandline processing [bluewavenet] + * Fix - remove debugging message [bluewavenet] + * Fix - typo in client ruleset [bluewavenet] + * Add - Refactor to use uci config directly even for Generic Linux [bluewavenet] + * Add - Parsing for multi item lists with spaces in items [bluewavenet] + * Add - use common library call get_option_fom_config [bluewavenet] + * Add - support for direct use of uci format config file - string and integer parameters [bluewavenet] + * Fix - Remove deprecated syslog_facility config setting [bluewavenet] + * Add - thread busy message to ndsctl [bluewavenet] + * Add - refactor configure_log_location [bluewavenet] + * Fix - suppress LOG_NOTICE message when getting mac of interface [bluewavenet] + * Fix - ndsctl error message [bluewavenet] + * Fix - get_client_interface for levels 2 and 3 [bluewavenet] + * Add - use common library write_log function [bluewavenet] + * Add - Refactor memory management [bluewavenet] + * Fix - fix and refactor upload rate limiting rules [bluewavenet] + * Fix - Change a debug message from err to info [bluewavenet] + * Add - refine common buffer sizes [bluewavenet] + * Add - use initialised heap memory for redirect_to_splashpage [bluewavenet] + * Add - user message to themespec [bluewavenet] + * Add - auth_restore support ie reauth clients after a restart by default. [bluewavenet] + * Add - Library call to preemptively re-auth clients after a restart or crash [bluewavenet] + * Add - BinAuth, write an authenticated clients list [bluewavenet] + * Add - library call "check_heartbeat" [bluewavenet] + * Fix - Tidy up redundant code [bluewavenet] + * Fix - change warning message to debug message when iw not installed [bluewavenet] + * Add - library call to log to syslog [bluewavenet] + * Fix - use initialised heap memory for client list entries [bluewavenet] + * Fix - ignore legacy ipset firewall rule [bluewavenet] + * Fix - refactor memory management for MHD calls - use heap memory for buffers etc [bluewavenet] + * Fix - missing free causing memory leak [bluewavenet] + * Fix - predefine and initialise buffer for send_redirect_temp [bluewavenet] + * Add - support protocol "all" in firewall ruleset [bluewavenet] + * Add - pre-allocation of initialised buffers [bluewavenet] + * Fix - prevent buffer overrun on removing client [bluewavenet] + * Add - update MHD connection timeout and connection limit [bluewavenet] + * Add - chain ndsDLR for dynamic client download rate limiting rules [bluewavenet] + * Add - Use Internal Polling Thread / Thread Per Connection in MHD [bluewavenet] + * Add - some new default values [bluewavenet] + * Fix - remove some redundant code and fix some compiler warnings [bluewavenet] + * Fix - remove redundant library command string [bluewavenet] + * Fix - Tidy up redundant iptables code [bluewavenet] + * Add - convert trusted client support to nftables [bluewavenet] + * Add - refer to nftables [bluewavenet] + * Add - move code for generating authentication mark string to initial setup [bluewavenet] + * Add - full nftset support with ipset import where required [bluewavenet] + * Add - nftset support library calls [bluewavenet] + * Add - ipset_to_nftset library call [bluewavenet] + * Add - support for nftables version of append_ruleset and nftables_compile [bluewavenet] + * Fix - buffer overflow in page_511 generation [bluewavenet] + * Add - more nftables migration including rate quotas [bluewavenet] + * Fix - change GatewayInterface to lower case [bluewavenet] + * Add - upload and download limiting client flags for future use [bluewavenet] + * add - lib calls "pad_string" and "replace_client_rule" [bluewavenet] + * Add - further nftables migration [bluewavenet] + * Fix - correctly parse options from legacy conf file [bluewavenet] + * Fix - some compiler warnings and set min iptables version [bluewavenet] + * Add - Generic Linux configure walledgarden [bluewavenet] + * Add - Implementation of nftsets for walledgarden [bluewavenet] + * Add - migration to nftables, next phase. [bluewavenet] + * Add - library function delete_client_rule [bluewavenet] + * Fix - remove duplicate definition [bluewavenet] + * Add - First stage migration to nftables [bluewavenet] + + -- Rob White Tue, 14 Jun 2023 14:22:50 +0000 + opennds (9.10.0) * This version adds new functionality, and fixes some issues diff --git a/docs/source/changelog.rst b/docs/source/changelog.rst index 60163b9..19bbde5 100644 --- a/docs/source/changelog.rst +++ b/docs/source/changelog.rst @@ -1,6 +1,102 @@ What's New? - ChangeLog ####################### +opennds (10.1.0) + + * This version is a major upgrade including full migration to nftables + * and native uci configuration support even for generic Linux distributions. + * It also includes a significant refactoring of inbuilt memory management, + * improving long term reliability, fixing several memory leaks, buffer overflows and several edge case crashes. + * Fix - use get_list_from_config instead of get_option_from_config [bluewavenet] + * Fix - compiler warning - unused variable [bluewavenet] + * Fix - remove redundant function call ipsetconf [bluewavenet] + * Fix - walledgarden for both nftset and ipset on OpenWrt [bluewavenet] + * Add - more meaningful output if attempt is made to restart when already running [bluewavenet] + * Fix - resolve gatewayfqdn after startup [bluewavenet] + * Fix - Choose forground or background running according to commandline arguments [bluewavenet] + * Fix - remove superfluous debug message [bluewavenet] + * Fix - replace sleep with procd_set_param term_timeout [bluewavenet] + * Fix - make option enabled default to enabled [bluewavenet] + * Fix - report authmon pid instead of opennds pid from authmon [bluewavenet] + * Fix - ensure correct pid obtained for opennds [bluewavenet] + * Add - StartLimitIntervalSec and StartLimitBurst to systemd service script [bluewavenet] + * Fix - refactor remote downloads [bluewavenet] + * Fix - suppress error message on ipset test failure [bluewavenet] + * Fix - send non-syslog debug information to stdout by default [bluewavenet] + * Add - C function to check heartbeat watchdog [bluewavenet] + * Fix - Update generic Linux makefile [bluewavenet] + * Fix - remove redundant ruleset struct definition [bluewavenet] + * Fix - potential buffer overflow issue during config stage [bluewavenet] + * Fix - remove unnecessary calls to free() in page 404 processing [bluewavenet] + * Fix - remove redundant code from fw_iptables [bluewavenet] + * Add - updates to binauth_log script [bluewavenet] + * Add - updates for service startup, systemd and procd [bluewavenet] + * Add - refactoring of commandline processing [bluewavenet] + * Fix - remove debugging message [bluewavenet] + * Fix - typo in client ruleset [bluewavenet] + * Add - Refactor to use uci config directly even for Generic Linux [bluewavenet] + * Add - Parsing for multi item lists with spaces in items [bluewavenet] + * Add - use common library call get_option_fom_config [bluewavenet] + * Add - support for direct use of uci format config file - string and integer parameters [bluewavenet] + * Fix - Remove deprecated syslog_facility config setting [bluewavenet] + * Add - thread busy message to ndsctl [bluewavenet] + * Add - refactor configure_log_location [bluewavenet] + * Fix - suppress LOG_NOTICE message when getting mac of interface [bluewavenet] + * Fix - ndsctl error message [bluewavenet] + * Fix - get_client_interface for levels 2 and 3 [bluewavenet] + * Add - use common library write_log function [bluewavenet] + * Add - Refactor memory management [bluewavenet] + * Fix - fix and refactor upload rate limiting rules [bluewavenet] + * Fix - Change a debug message from err to info [bluewavenet] + * Add - refine common buffer sizes [bluewavenet] + * Add - use initialised heap memory for redirect_to_splashpage [bluewavenet] + * Add - user message to themespec [bluewavenet] + * Add - auth_restore support ie reauth clients after a restart by default. [bluewavenet] + * Add - Library call to preemptively re-auth clients after a restart or crash [bluewavenet] + * Add - BinAuth, write an authenticated clients list [bluewavenet] + * Add - library call "check_heartbeat" [bluewavenet] + * Fix - Tidy up redundant code [bluewavenet] + * Fix - change warning message to debug message when iw not installed [bluewavenet] + * Add - library call to log to syslog [bluewavenet] + * Fix - use initialised heap memory for client list entries [bluewavenet] + * Fix - ignore legacy ipset firewall rule [bluewavenet] + * Fix - refactor memory management for MHD calls - use heap memory for buffers etc [bluewavenet] + * Fix - missing free causing memory leak [bluewavenet] + * Fix - predefine and initialise buffer for send_redirect_temp [bluewavenet] + * Add - support protocol "all" in firewall ruleset [bluewavenet] + * Add - pre-allocation of initialised buffers [bluewavenet] + * Fix - prevent buffer overrun on removing client [bluewavenet] + * Add - update MHD connection timeout and connection limit [bluewavenet] + * Add - chain ndsDLR for dynamic client download rate limiting rules [bluewavenet] + * Add - Use Internal Polling Thread / Thread Per Connection in MHD [bluewavenet] + * Add - some new default values [bluewavenet] + * Fix - remove some redundant code and fix some compiler warnings [bluewavenet] + * Fix - remove redundant library command string [bluewavenet] + * Fix - Tidy up redundant iptables code [bluewavenet] + * Add - convert trusted client support to nftables [bluewavenet] + * Add - refer to nftables [bluewavenet] + * Add - move code for generating authentication mark string to initial setup [bluewavenet] + * Add - full nftset support with ipset import where required [bluewavenet] + * Add - nftset support library calls [bluewavenet] + * Add - ipset_to_nftset library call [bluewavenet] + * Add - support for nftables version of append_ruleset and nftables_compile [bluewavenet] + * Fix - buffer overflow in page_511 generation [bluewavenet] + * Add - more nftables migration including rate quotas [bluewavenet] + * Fix - change GatewayInterface to lower case [bluewavenet] + * Add - upload and download limiting client flags for future use [bluewavenet] + * add - lib calls "pad_string" and "replace_client_rule" [bluewavenet] + * Add - further nftables migration [bluewavenet] + * Fix - correctly parse options from legacy conf file [bluewavenet] + * Fix - some compiler warnings and set min iptables version [bluewavenet] + * Add - Generic Linux configure walledgarden [bluewavenet] + * Add - Implementation of nftsets for walledgarden [bluewavenet] + * Add - migration to nftables, next phase. [bluewavenet] + * Add - library function delete_client_rule [bluewavenet] + * Fix - remove duplicate definition [bluewavenet] + * Add - First stage migration to nftables [bluewavenet] + + -- Rob White Tue, 14 Jun 2023 14:22:50 +0000 + opennds (9.10.0) * This version adds new functionality, and fixes some issues