forked from NathanGibbs3/iplog
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathChangeLog
388 lines (235 loc) · 12.6 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
11-05-2014
Released as version 2.2.5
TCP & UDP Log message cleanup & standardization.
Debian init script fix.
06-17-2013
Released as version 2.2.4
Some code tweaks to get it to compile on Debian Wheezy.
Added debian startup script
05-16-2013
New project lead.
Nathan Gibbs [email protected]
Wed Jan 03 14:06:11 EST 2001 Ryan McCabe <[email protected]>
* Released as version 2.2.3.
Mon Jan 01 14:26:57 EST 2001 Ryan McCabe <[email protected]>
* Applied a patch from Conan Ford <[email protected]> to
enable logging the destination address when doing
ident lookups.
Sun Dec 03 18:07:53 EST 2000 Ryan McCabe <[email protected]>
* Added a pid-file command-line and config file option.
Sun Dec 03 17:33:25 EST 2000 Ryan McCabe <[email protected]>
* Added RPM spec file from Tim Waugh <[email protected]>
* Fixed a problem with parsing C-style comments in the
configuration file.
- Reported by Brandon Zehm <[email protected]> months ago.
I somehow missed the message until now..
Tue Nov 21 18:16:13 EST 2000 Ryan McCabe <[email protected]>
* Released as version 2.2.2.
Tue Nov 07 02:48:40 EST 2000 Ryan McCabe <[email protected]>
* Documentation updates.
Tue Nov 07 02:41:00 EST 2000 Ryan McCabe <[email protected]>
* Fix the configure script's detection of types ipaddr_t
and in_port_t.
* New scan type: SYN scan. Detection as per suggestion of
Tue Nov 07 01:37:31 EST 2000 Ryan McCabe <[email protected]>
* Applied patch from cinic <[email protected]>
that allows iplog to run on Solaris 8.
Fri Jul 07 10:51:52 EDT 2000 Ryan McCabe <[email protected]>
* Released as version 2.2.1.
Mon Jul 03 21:01:58 EDT 2000 Ryan McCabe <[email protected]>
* Fixed a bug that caused only one thread to change user or group
when -u or -g was specified while the rest continued to run as root.
- Reported by jamesb <[email protected]>
Mon Jul 03 16:57:41 EDT 2000 Ryan McCabe <[email protected]>
* Fixed a bug that caused ident lookups to always fail.
- Reported by Enrico Scholz <[email protected]>
Mon Jul 03 14:02:49 EDT 2000 Ryan McCabe <[email protected]>
* Released as version 2.2.0.
* I have created a SourceForge mailing list for iplog. See
http://sourceforge.net/mail/?group_id=431 if you're interested.
* Improved the configure script to allow iplog to build on
many other platforms.
* Bug fixes.
* Documentation updates.
Sun Jun 25 19:57:54 EDT 2000 Ryan McCabe <[email protected]>
* Added support for a configuration file.
Sat Jun 10 21:43:52 EDT 2000 Ryan McCabe <[email protected]>
* Bug fixes.
* Queue packets to avoid packet loss during during periods of heavy
traffic. This was a problem when host resolution was enabled.
Mon Jun 05 13:52:21 EDT 2000 Ryan McCabe <[email protected]>
* Use the snprintf function from OpenSSH instead of the one we were
using before.
* Small cleanups.
Sun Jun 04 21:09:23 EDT 2000 Ryan McCabe <[email protected]>
* Documented a bunch of code.
Sat Mar 18 18:04:16 EST 2000 Ryan McCabe <[email protected]>
* Be more efficient with memory in the scan/flood handler.
Fri Mar 17 23:56:01 EST 2000 Ryan McCabe <[email protected]>
* Applied a patch from Gaël Roualland <[email protected]> that implements
logging of ports along with the scan/flood warning.
Thu Mar 16 08:25:54 EST 2000 Ryan McCabe <[email protected]>
* Fixed a bug that caused interfaces with dynamic addresses to be
reopened incorrectly after going down.
Thu Feb 24 19:02:03 EST 2000 Ryan McCabe <[email protected]>
* Fixed a cosmetic race to remove the lockfile when iplog -k is executed.
- Reported by [email protected]
Sun Feb 20 14:37:33 EST 2000 Ryan McCabe <[email protected]>
* Released as version 2.1.1.
Sat Feb 12 12:56:39 EST 2000 Ryan McCabe <[email protected]>
* Allow iplog to monitor loopback devices.
* Print a warning if any detected interfaces cannot be brought up, and exit
if no interfaces can be opened.
Thu Feb 10 15:11:48 EST 2000 Ryan McCabe <[email protected]>
* Fixed lockups.
- Thanks to Enrico Scholz <[email protected]>
for finding and helping to fix this problem.
* iplog detects a new class of Xmas scans that were recently discussed
on Bugtraq.
* New option: -m or --scans-only. This option will cause iplog to log
only scans and floods.
- Suggestion from Ben Vaughn <[email protected]>
* New option: -V or --verbose. iplog will log packets with bad checksums
and short header lengths when this flag is given.
* New option: -D or --log-dest. iplog will log the destination host
of packets when this option is given.
* Applied a patch from
Enrico Scholz <[email protected]> to enable
certain build options.
* A bunch of other bugfixes and enhancements.
Wed Feb 02 01:58:32 EST 2000 Ryan McCabe <[email protected]>
* Applied patch from Enrico Scholz <[email protected]>
to fix a problem with the ident code.
* iplog will now detect when interfaces go down and re-open them
when they come back up, if possible.
Mon Jan 17 21:07:54 EST 2000 Ryan McCabe <[email protected]>
* Released as version 2.1.0.
Mon Jan 17 21:03:07 EST 2000 Ryan McCabe <[email protected]>
* Print a warning when host resolution is enabled while running in
promiscuous mode.
* Final cleanups before release as 2.1.0.
Sun Jan 16 14:24:03 EST 2000 Ryan McCabe <[email protected]>
* Documentation updates.
Sun Jan 16 00:01:30 EST 2000 Ryan McCabe <[email protected]>
* Fixed the scan code to better deal with a full hash table.
Fri Jan 14 13:46:23 EST 2000 Ryan McCabe <[email protected]>
* Allow for more than one network to be specified with -a
Fri Jan 14 03:26:52 EST 2000 Ryan McCabe <[email protected]>
* Updated the manual pages.
Fri Jan 14 00:51:01 EST 2000 Ryan McCabe <[email protected]>
* Fixed a descriptor leak that occurred when ident lookups were enabled.
- Reported by Jim B <[email protected]>
* Fixed a bug that caused packets with a bad header to be sent out when
trying to fool nmap's -O option.
Sun Jan 09 17:55:29 EST 2000 Ryan McCabe <[email protected]>
* Fixed a bug in iplog_udp.c
- Reported by "Craig R. Watkins" <[email protected]>
Sat Jan 08 14:20:11 EST 2000 Ryan McCabe <[email protected]>
* Fixed the scan code to work in promiscuous mode. This needs testing.
Thu Jan 06 03:14:40 EST 2000 Ryan McCabe <[email protected]>
* Did most of the work to make iplog able to watch a whole network.
The scan code still needs to be fixed.
* Several small bug fixes.
* Code cleanups.
Tue Nov 30 13:49:12 EST 1999 Ryan McCabe <[email protected]>
* Created an iplog.rules.5 manual page.
Sat Nov 20 10:43:25 EST 1999 Ryan McCabe <[email protected]>
* Added the --log-ip option to the "iplog --help" output.
Thomas Zajic <[email protected]> noticed this was missing.
Thu Nov 18 02:54:04 EST 1999 Ryan McCabe <[email protected]>
* Fixed a bug that resulted in 15 character length IPs being truncated to
14 characters. Oops.
Sat Nov 13 10:48:58 EST 1999 Ryan McCabe <[email protected]>
* Applied a patch from Piero Serini <[email protected]> to fix a compilation
problem on Solaris 2.5.1.
* Fixed a bug in the pcap.h detection routine in the configure script.
* Fixed a problem with the -w option.
Sun Nov 07 16:35:14 EST 1999 Ryan McCabe <[email protected]>
* Fixed a bug that caused DNS cache entries to be expired much too quickly.
Thu Nov 04 19:43:46 EST 1999 Ryan McCabe <[email protected]>
* Re-wrote dns cache and scan table locking.
* Fixed a bug that caused a garbled message to be logged upon scan
mode expiring.
Sun Oct 31 10:43:53 EST 1999 Ryan McCabe <[email protected]>
* New command line switch: --log-ip (-w), which causes iplog to log
the IP address along with the hostname when looking up hosts.
- Suggestion from Frank v Waveren <[email protected]>
Sat Oct 30 19:43:19 EDT 1999 Ryan McCabe <[email protected]>
* Fixed a bug in the filter rule parser code that caused iplog to crash
when rule keywords were omitted.
- Reported by Adrian Woizik <[email protected]>
Thu Oct 21 17:35:39 EDT 1999 Ryan McCabe <[email protected]>
* Applied patch from Vitezslav Samel <[email protected]> to fix
CIDR notation parsing.
Mon Oct 18 02:52:39 EDT 1999 Ryan McCabe <[email protected]>
* Fixed a compilation problem on Solaris.
- Reported by job bogan <[email protected]>
Sun Oct 17 12:31:12 EDT 1999 Ryan McCabe <[email protected]>
* Two new command line switches: --facility and --priority, which set the
syslog facility and priority, respectively.
* Use daemon.notice as the default facility and priority. Apparently
daemon.info was being dropped by the default syslog configuration on
FreeBSD (at least).
* Documentation updates.
Sat Oct 16 00:28:05 EDT 1999 Ryan McCabe <[email protected]>
* Ported to Solaris (only tested with Solaris 7 on a Sparc).
- Thanks to brokebit <[email protected]> for providing access.
Fri Oct 08 18:00:14 EDT 1999 Ryan McCabe <[email protected]>
* Fixed more bugs in the rule parsing code.
- Reported by Frank v Waveren <[email protected]>
* Fixed added the -z option to the iplog --help output.
* Updated the "example-iplog.rules" file.
- Problems reported by Jim Conner <[email protected]>
Thu Oct 07 00:53:48 EDT 1999 Ryan McCabe <[email protected]>
* Fixed a bug that caused the -d option to be ignored when iplog
is restarted.
- Reported by Owada Jan <[email protected]>
Fri Oct 01 13:44:28 EDT 1999 Ryan McCabe <[email protected]>
* Fixed a bug in the filter code that caused address specifications
such as 1.2.3/24 not to work.
- Reported by Craig Kelley <[email protected]>
Tue Sep 28 17:12:35 EDT 1999 Ryan McCabe <[email protected]>
* Fixed a problem with the -d option that would cause iplog to crash
on startup.
- Reported by Pekka Savola <[email protected]>
* Fixed a compilation problem on non-Linux platforms.
- Reported by ermirza erekose <[email protected]>
Mon Sep 27 18:55:41 EDT 1999 Ryan McCabe <[email protected]>
* Fixed a problem with the openlog(3) call.
Thu Sep 16 15:03:03 EDT 1999 Ryan McCabe <[email protected]>
* Filter rules that have hosts with multiple IPs will behave as expected
now (iplog will check every IP now, not just the first).
Mon Sep 13 22:25:19 EDT 1999 Ryan McCabe <[email protected]>
* Added patch from Enrico Scholz <[email protected]>
to fix the pcap header location problem for good (hopefully).
Mon Sep 13 14:42:31 EDT 1999 Ryan McCabe <[email protected]>
* Fixed more problems with the filter.
- Reported by Pekka Savola <[email protected]>
Sun Sep 12 23:02:35 EDT 1999 Ryan McCabe <[email protected]>
* Added example filter rules that use address masks.
* Fixed filter bug.
- Reported by Brian Marsden <[email protected]>
* Fixed problem that caused everything to be logged to stdout when
--logfile (-l) was specified.
- Reported by Owada Jan <[email protected]>
Fri Sep 03 18:57:20 EDT 1999 Ryan McCabe <[email protected]>
* Really fixed the problem with the location of pcap headers with
redhat contrib and stampede libpcap rpms.
- Reported by Enrico Scholz <[email protected]>
* Two new command line options: -o and -L which cause iplog to run in
the foreground and log to stdout, respectively.
Wed Aug 25 02:16:27 EDT 1999 Ryan McCabe <[email protected]>
* Added a new option: -z, --fool-nmap. Attempt to fool OS
detection mechanisms by replying to the probes with junk.
Tue Aug 24 01:26:27 EDT 1999 Ryan McCabe <[email protected]>
* Fixed a problem finding pcap.h on Linux Redhat and Mandrake systems.
- Reported by Jim Hazen <[email protected]>
Mon Aug 23 10:09:13 EDT 1999 Ryan McCabe <[email protected]>
* Fixed a problem with restarting iplog when -u is given.
- Reported by Kyle Christensen <[email protected]> and
Steffen Zahn <[email protected]>
* Fixed more problems with restarting iplog..
* Added further explanation to the "example-iplog.rules" file.
Sun Aug 22 21:07:40 EDT 1999 Ryan McCabe <[email protected]>
* First alpha release.