Sat May 19 2001 Tomas Junnonen <majix@sci.fi>

	* src/netfilter-script.c: Now unloads the ipchains module
	correctly on 2.4 systems (mostly for RH 7.1)
	* src/util.c,logread.c,portfw.c: Fixed the problem with
	the never ending script detection
	* src/sort-clist.c: Fixed crash when sorting as
	non-root user

Wed May 02 2001 Tomas Junnonen <majix@sci.fi>

	* src/*.c: proper checks for fopen + errno messages
	on failure, by Mattias Eriksson

Fri Apr 20 2001 Tomas Junnonen <majix@sci.fi>

	* firestarter.spec: The manual is now properly installed
	when using RPM.

Sun Apr 08 2001 Tomas Junnonen <majix@sci.fi>

	* src/portfw.c: Portforwarding feature is now complete.
	Works both in Linux 2.2 (with ipmasqadm) and in Linux 2.4.

Sat Mar 31 2001 Tomas Junnonen <majix@sci.fi>

	* !/src/portfw.c/h, /src/druid.c: Started
	work on port forwarding configuration interface.
	* /src/firestarter.c, /src/sort-clist.c: Sorting
	of the dynamic clists is messing up the rules. 
	Removed the sorting for now.

Thu Mar 22 2001 Paul Drain <pd@cipherfunk.org>

	* Makefile.in: added doc/ directory
	* src/menus.c: added "Manual" option to Help Menu
	* src/ipchains-script.c: one too many -y's in the Subseven
	detection options - removed.

Thu Mar 22 2001 Paul Drain <pd@cipherfunk.org>

	* configure.in: updated to include hooks for
	documentation.
	* src/druid.c: typo cleanup.

Wed Mar 21 2001 Paul Drain <pd@cipherfunk.org>

	* doc/*: everything added - beginnings of a proper
	manual, in Docbook format.  Anyone who can work with
	SGML is encouraged to send me patches to it.

Tue Mar 20 2001 Paul Drain <pd@cipherfunk.org>

	* src/service.c: added other known trojan ports
	* src/ipchains-script.c, src/netfilter-script.c:
	- Updated the known trojan listing (now includes subseven &
	stacheldraht)
	- Added outbound port filtering for all known trojans
	- Fixed port filtering for Multicast addresses
	- Added support for stuffed routing packets (0.0.0.0, etc)
	- Added support for fragmented packet filtering

Sun Mar 18 2001 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c, src/netfilter-script.c: 
	- Updated the block IP address range listing.
	- Added block for Trinity v3 DDoS attacks
	(was meant to go in 0.6.0, but got lost in the
	patch queue)
	- Added support for blocking and rate-limiting
	various trojan ports.

Fri Mar 16 2001 Paul Drain <pd@cipherfunk.org>

	* src/service.c/h: Added AH (protocol 51) to the services
	list to support IPSec.

Thu Mar 15 2001 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c, src/netfilter-script.c: Added
	IPSec / KLIPS support to default rulesets.

Sat Mar 10 2001 Tomas Junnonen <majix@sci.fi>

	* src/firestarter.src, src/sort-clist.c: Proper clist arrows
	by Joaquin.

Fri Mar 02 2001 Tomas Junnonen <majix@sci.fi>

	* !src/sort-clist.c/h, src/firestarter.c: Merged clist sort
	patch from Joaquin.
	* src/sort-clist.c: Added small + and - signs to the hitlist
	to mark the sorting order.

Thu Mar 01 2001 Paul Drain <pd@cipherfunk.org>

	* src/netfilter.c: Fixed severe backward compatibility bug
	in the final input rules - now only doing RELATED checks on
	the protocols that need it, rather than everything > 513.

Mon Feb 25 2001 Tomas Junnonen <majix@sci.fi>

	* src/firestarter.c: Added session managment
	* !util.c/h !logread.c/h: Spring cleaning time! :)
	Big code exodus from firestarter.c
	Work in progress.

Sun Feb 25 2001 Tomas Junnonen <majix@sci.fi>

	* src/ipchains-script.c: The policies for the input and output
	chains are restored to ACCEPT at the end.

Thu Feb 22 2001 Tomas Junnonen <majix@sci.fi>

	* src/lookup.c: Error dialogs for various lookup failures (Joaqun)

Tue Feb 20 2001 Tomas Junnonen <majix@sci.fi>

	* src/ipchains-script.c: if statement checking for bsd_comp
	was missing a ending fi. Effect: The script was left in a
	deny all state.
	* src/firestarter.c: Don't g_print out every line when reloading
	the hit list.
	* po/: Translation updates

Mon Feb 19 2001 Paul Drain <pd@cipherfunk.org>

	* src/netfilter-script.c: TOS rules upgraded for
	IPTables 1.2.

Sun Feb 18 2001 Tomas Junnonen <majix@sci.fi>

	* src/netfilter-script.c: Fixed lowercase table names
	in the TOS rules (output).

Sat Feb 17 2001 Tomas Junnonen <majix@sci.fi>

	* Lots of translation changes
	* Bumped version for 0.6.0 release

Wed Feb 14 2001 Tomas Junnonen <majix@sci.fi>

	* po/various: Brought a lot of translations up to date.

Tue Feb 13 2001 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c: Resolved a spacing problem in the
	incoming TCP high-port chain.

Mon Feb 12 2001 Tomas Junnonen <majix@sci.fi>

	* src/netfilter-script.c: Disabling ICMP filtering really,
	truly, 100% sure, allows all ICMP packets. Honest this time.

Sun Feb 11 2001 Paul Drain <pd@cipherfunk.org>

	* src/netfilter.c: Added TOS configuration options
	(yes!, finally - the script will DO ToS configurations)
	* src/ipchains-script.c: Same

Sat Feb 10 2001 Tomas Junnonen <majix@sci.fi>

	* src/druid.c: The masq intrange was not being loaded
	from the GNOME registry
	* src/firestarter.c: When detecting old scripts, now asks
	for confirmation before removing anything. Only removes
	firestarter files (instead of entire directory!)
	* src/netfilter-script.c: Forward policy is now DROP
	($STOP wasn't working). Minor cleanups here and there.

Fri Feb 09 2001 Paul Drain <pd@cipherfunk.org>

	* src/netfilter.c: ip_conntrack module cleanups, limit increases for
	ip_conntrack.

Thu Feb 08 2001 Tomas Junnonen <majix@sci.fi>

	* src/ipchains-script.c, src/netfilter-script.c: Some
	brackets were not properly closed.

Mon Feb 05 2001 Tomas Junnonen <majix@sci.fi>

	* src/preferences.c, src/druid.c: Merged the "show masq" &
	"show tos" options into a single "show all" wizard option.
	* src/ipchains-script.c, src/netfilter-script.c: The Disable
	ICMP Filtering wizard option REALLY disables ICMP filtering.
	* src/firestarter.c: Fixed a crash problem when reloading the
	hitlist. Added Paul Drain to the about box.

Sat Feb 02 2001 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c: Changed the Dynamic IP hack rule in 
	/proc to only be active if the PPP interface is loaded.
	* src/netfilter-script.c: Same
	
Sat Jan 27 2001 Tomas Junnonen <majix@sci.fi>

	* src/firestarter.c: stop_firewall() & halt_firewall() now
	checks for the locatesbin option
	* src/netfilter-script.c: removed the lines setting the default
	chain policy to DROP

Fri Jan 26 2001 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c: Added location checks for system
	binaries.

Thu Jan 25 2001 Tomas Junnonen <majix@sci.fi>

	* src/netfilter-script.c: Quick fix for NAT and SSH
	* src/menus.c: Added homepage url link to the Help menu

Wen Jan 24 2001 Tomas Junnonen <majix@sci.fi>

	* !src/druid-choices.h, !src/druid-choices.c, src/druid.c,
	src/scriptwriter.c, src/Makefile.am: Druid now remembers
	choices between sessions
	* src/firestarter.c: fixed segfault when removing old scripts and
	running the druid again

Tue Jan 23 2001 Tomas Junnonen <majix@sci.fi>

	* src/modrules.c: deny-all rules now always drop/deny
	* po/ca.po configure.in: added Catalan translation from Pablo Saratxaga
	* po/: fixes for es, fr, ga, and hu pot file headers
	* firestarter.c: fixed a string format issue

Sat Jan 20 2001 Tomas Junnonen <majix@sci.fi>

	* src/firestarter.c, src/firestarter.h, src/menus.c:
	Added "Halt all network traffic" option. Needs icon.
	Small appbar messaging changes.
	* src/firestarter.c, src/parse.h, src/parse.c
	Added proper script checks at startup:
	If made for wrong kernel or a program version older than
	the current version, remove scripts and start fresh.
	* firestarter.spec: Removed ipchains dependency

Sun Jan 07 2001 Paul Drain <pd@cipherfunk.org>

	* src/netfilter-script.c: Finished modprobe detection, also fixed
	some of the standard rules (flushing shouldn't only apply for the
	filter table for example)

Mon Jan 01 2001 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c
	* src/netfilter-script.c: Seperated INPUT & OUTPUT default rules

Mon Jan 01 2001 Paul Drain <pd@cipherfunk.org>

	* src/preferences.c: Added Outbound Filtering checkbox. If you are
	using a dialup firewall, or don't need the facility - leave this
	option off.

Sun Dec 31 2000 Paul Drain <pd@cipherfunk.org>

	* src/netfilter-script.c
	* src/ipchains-script.c: Added variables for modprobe and lsmod (some
	distributions do not ship modprobe in /sbin either)
	* src/preferences.c: altered the description for locate 
	ipchains/iptables to reflect the change above.

Sat Dec 30 2000 Paul Drain <pd@cipherfunk.org>

	* src/netfilter-script.c
	* src/ipchains-script.c: Implemented first revision of OUTBOUND packet 
	filtering. NOTE: This severely breaks dial-up firewalls at present, it 
	will be changed into an advanced option (as it is useful for filtering 
	hosts) at a later date.

Sat Dec 30 2000 Paul Drain <pd@cipherfunk.org>

	* src/netfilter-script.c: mangle & NAT tables are now only loaded 
	 and / or flushed when the modules exist.

Fri Dec 29 2000 Paul Drain <pd@cipherfunk.org>

	* src/druid.*: Merged with Tomas's changes to the wizard control panel
	* src/preferences.c: Same

Thu Dec 28 2000 Tomas Junnonen <majix@sci.fi>

	* src/preferences.c: moved some options around

Thu Dec 28 2000 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c: Removed X Windows auto reject to allow ToS 
	testing to work
	* src/netfilter-script.c: Same	

Thu Dec 28 2000 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c: Added standard policy rules before piping 
	in the modrules rules - eliminated possible security flaw.
	* src/netfilter-script.c: Added initial ruleset of ToS pages.

Thu Dec 28 2000 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c: Added initial ruleset for ToS pages.
	
Wed Dec 27 2000 Tomas Junnonen <majix@sci.fi>

	* src/druid.c: did some major work on the wizard, it's now white with
	  small graphics on each page and large graphics on splash and end 
	  screen. Many string changes
	* pixmaps/card.png
	* pixmaps/left.png
	* pixmaps/masq.png
	* pixmaps/top.png: Added

Tue Dec 26 2000 Paul Drain <pd@cipherfunk.org>

	* src/druid.c: More ToS merges - fixed the services_next page to 
	skip over the ToS selection if it wasn't explicitly selected in the
	advanced settings

Mon Dec 25 2000 Paul Drain <pd@cipherfunk.org>

	* src/netfilter-script.c: reverted LOADER variable fix,
	completely rewrote the module autoloader hack.
	* src/netfilter-script.c
	* src/ipchains-script.c: changed bsd_comp / ppp_deflate loader

Mon Dec 25 2000 Tomas Junnonen <majix@sci.fi>

	* src/ipchains-script.c: merged LOADER variable fix from Claudio Bley
	* src/netfilter-script.c: fixed do-not-log-port not being parsed

Sun Dec 24 2000 Paul Drain <pd@cipherfunk.org>

	* Changelog: Created standardized changelog to satisfy CVS requirements
	
Sat Dec 23 2000 Paul Drain <pd@cipherfunk.org>

	* src/ipchains-script.c: Fixed 2.2 IP Masquerading Module loader 
	(hopefully)
	* src/preferences.c: Fixed secondary occurance of destoy_filesel to 
	avoid killing GTK if a second version of Firestarter was loaded.

Thu Dec 21 2000 Paul Drain <pd@cipherfunk.org>

	* src/druid.c: remerged NLS notebook fix from Takeshi Aihana

Wed Dec 20 2000 Paul Drain <pd@cipherfunk.org>

	* src/druid.c
	* src/druid.h
	* src/preferences.c: First attempt at Type of Service dialog merge. 
	No Rulesets yet just the wizard.
		
Mon Dec 11 2000 Paul Drain <pd@cipherfunk.org>

	* src/netfilter-script.c: Changed default rule for forwarding from DROP 
	to the $STOP variable
	

2000-11-20

	* merged netfilter minor fixes and cleanups from Paul Drain
	* allowing icmp echo-reply packets
	* cosmetic fixes

2000-11-01

	* merged netfilter target, traceroute fix and casesensitivty fix 
	  patches from Paul Drain
	* merged preference window browse buttons/frames patch Joaqun

2000-10-25

	* merged icmp filtering, cleanups and iptables patches from Paul Drain
	* merged reject/deny patch from Joaqun

2000-10-24

	* merged smb, synflag and typo patches from Paul Drain

2000-10-21

	* small cleanups here and there

2000-10-20

	* added proper column optimizing and progress tailing of the hitlog
	* don't query gnome_config for netfilter status anymore

2000-10-17

	* added "Do not log this port" modifier
	* added Logging preference sheet

2000-10-16

	* restarted development....
	* small build enviroment fixes here and there
	* fixed RH7 i18N parse error bug
	* small gfx changes
	* removed some duplicate code in addrules.c
	* fixed #!/bin/sh not being first line in scripts

2000-09-07

	* put in the new icon set by Susan Emery
	* lots of small changes here and there
	* finished up the iptables support

2000-08-23

	* added sound support
	* preferences dialog remake

2000-08-17

	* finally fixed that DHCP/IP Masquerade hostname bug

2000-08-13

	* new better service determination scheme, uses /etc/services

2000-08-07

	* added option to launch firewall on ppp connect
	* added DHCP button to the device page
	* tooltips in the wizard and preferences menu
	* fixed problem with NFS and Xwindows ports


2000-08-06

	* don't display masq page if only one device in the machine
	* device on masq page defaults to second device in machine

2000-08-01

	* firestarter now stores its scripts in the default config
	  file dir, for example "/etc/firestarter"

2000-07-31

	* fixed the translations some more
	* program now resizes itself to minimize space needed

2000-07-30

	* fixed IP/Masquerade detection code
	* fixed translations, honestly

2000-07-29

	* added autodection of masqueraded net
	* small changes to the wizard

2000-07-26

	* fixed translations not working
	* hitlog clist is now 'tails', i.e. the focus stays at the bottom

2000-07-24

	* fixed DNS lookup crash
	* fixed the dynamic rules defaulting to TCP

2000-07-21
	* added a DNS lookup feature

2000-07-19

	* major cleanup of firestarter.c
	* added mini window icons
	* added a popup menu to the docklet
	* finally tracked down and fixed the segfault on exit,
	  looks like a bug in GNOME.

2000-07-17

	* now runs the druid on the first startup.
	* added "remove identical firewall hit lines" preference
	* changed by default allowed upper port limit to 49151

2000-07-16

	* must start using the ChangeLog again. Lazy me.
	* marked a lot of strings for translation
	* cleanups and code comments

	* previously: released 0.3.0beta1
		      finished the dynamic rules functionality
		      added a statusbar
		      removed the applet code and put in a docklet
		      some other things I've since forgotten

2000-06-01

	* added root password query using consolehelper

2000-05-31

	* fixed segault that occured with malformed log entries
	* fixed not closing properly when not running the applet
	* fixed logs not being saved to disk properly

2000-05-30

	* fixed segfault problem with older gnome libs
	* code cleanup
	* fixed spawning multiple wizards or pref. windows
	* added option not to display applet on panel
	* script now sets the TCP/IP address hacking option in proc
	* other minor changes to the script and interface

2000-05-29

	* second release, version 0.2.0
	* firewall monitoring tool working

2000-05-12

	* first public release, version 0.1
	* firewall creation wizard working
