$Id: WhatIsNew,v 1.4 2004/05/02 22:49:56 ktsaou Exp $

What Is New in public releases.
-------------------------------

R5 v1.191, May 2, 2004
This release features more services, including ORACLE, GKRELLMD,
DCC, WHOIS, fixed CUPS, enhanced SAMBA services, new optional
rule parameters, including PHYSIN, PHYSOUT, updated MAC helper, 
better compatibility, better kernel module management, support
for ULOG logging, better iptables statements generation, updated
PRIVATE_IPS for IANA reservations, and various bug fixes.
All users are advised to update to this version.


R5 v1.159, Oct 10, 2003
This release features more services including MSN, DCPP, JABBER,
JABBERD, WEBMIN, TIME, POSTGRES, HYLAFAX, XDMCP, TFTP, Veritas
NetBackup, many updates and fixes to other services, three new
helpers, the MAC helper (global pairing of MAC and IP addresses),
the BLACKLIST helper (blacklist certain IPs - unidirectional or
bidirectional), the MARK helper (mark packets for use by QoS),
two new optional rule parameters, MAC (match source MAC address)
and OWNER (match the user sending traffic), and it also provides
better interoperability with various distributions (mainly
Gentoo - also firehol now detects if all needed commands are
present), more control on kernel module management (and better
detection of iptables modules compiled in the kernel), more
control on firewall status during a firewall restart, cleaner
iptables commands generation, better support for kernel 2.6.x,
and more.

R5 v1.120, Apr 6, 2003
The main new feature of this release is the HELPME function that
detects and produces the FireHOL configuration for the host run.
Additionally, this release introduces a new PANIC mode which is now
handled entirely by FireHOL, has better handling of the MIRROR target,
has wider support for SNMPTRAP and SYSLOG, a definition for the
SOCKS service, and better interoperability with various Linux
distributions (i.e. Debian).

R5, v1.91, Feb 18, 2003
This release adds support for controlling log levels on a per rule basis,
updated RESERVED_IPS variable according to the latest releases of IANA,
and a few minor fixes to increase compatibility on various Linux
distributions. 

R5, v1.89, Feb 3, 2003
This release adds the service eMule (for clients, servers, and routers),
supporting the bi-directional socket environment required by the popular
eDonkey network client. 

R5, v1.88, Jan 30, 2003
This release fixes all reported problems related to NAT. FireHOL now
fully supports DNAT, SNAT, REDIRECT, and MASQUERADE implemented as
helper commands, and also the TRANSPARENT_SQUID helper for setting up
transparent HTTP caches running on the firewall host (supporting
transparent caching for traffic targeting, passing through, and
originated from the firewall host). 

R5, v1.85, Jan 28, 2003
The masquerade helper has been fixed to handle the 'reverse' keyword
correctly and accept the network interface as expected. 

R5, v1.83, Jan 27, 2003
This release adds support for NAT (SNAT, DNAT, and REDIRECT), support
for the OWNER iptables module (user, group, session, and process),
various error handler enhancements, support for runtime warnings (for
missing kernel modules; it now runs on kernels compiled without
modules), and a few workarounds for bugs in iptables-save (regarding
the owner module). 

R5, v1.70, Jan 8, 2003
In this release the services ping, AH (IPSEC), ESP (IPSEC), GRE, and
microsoft_ds have been added, the action REJECT has been changed to be
"smart" and send TCP RST on TCP and ICMP port unreachable on all other
protocols, various speed optimizations have been applied, and a
"transparent_squid" helper has been added to take care of port
forwarding for setting up a transparent cache. 

For files released before 2003, please check the ChangeLog file. 
