Saturday, April 30, 2016

EFW-2.5.2 Release Notes - Version 2.5.2

Release Notes - Version 2.5.2

** New Features
* [UTM-250] - PhishTank as anti-phishing protection
* [CORE-82] - Show signatures update time in the dashboard
* [CORE-477] - Intel drivers for the newest Intel network
interface cards
* [CORE-222] - Support for USB Huawei E173 USB UMTS modem


** Improvements
* [UTM-68] - ClamAV engine update to version 0.97.8
* [CORE-184] - The collectd netlink plugin stores information
that is never used
* [CORE-89] - EMI does not load sqlite anymore
* [CORE-259] - EMI storage is not read/write-safe
* [CORE-63] - In Port forwarding / DNAT the default mode
should be simple instead of advanced
* [UTM-250] - PhishTank lists replace lists from
malwaredomains
* [CORE-285] - Packaged signatures tarball with new PhishTank
signatures instead of those from
malwaredomains
* [CORE-105] - Monit method needs an additional attribute
monitor=False which prevents monitor/unmonitor
command from getting sent to monit
* [CORE-189] - Store collectd RRD files in /tmp and
periodically synchronize to /var
* [CORE-164] - Delete archived log files when free space is
needed
* [CORE-231] - Use collectd graphs instead of squid-graph
* [CORE-206] - Replace makegraphs.pl with collectd graphs
* [UTM-110] - Remove collectd's ntp RRD files
* [UTM-80] - New version of ntop
* [CORE-240] - Ethernet bonding support
* [UTM-40] - DansGuardian custom *regexp file is not handled
correctly


** Bugs
* [UTM-115] - ClamAV blocks .exe files due to issues in its
DetectBrokenExecutables check
* [UTM-86] - HAVP does not run after an upgrade to 2.5
* [UTM-65] - “Block encrypted archives” flag was doing
exactly the opposite of what had been
configured
* [UTM-63] - Wrong status message in ClamAV page before the
first signature update
* [CORE-132] - The Authentication layer does not start due to
an UTF-8 problem
* [CORE-125] - Authentication job is not started after
finishing the initial wizard
* [CORE-367] - Old backups cannot be downloaded after
migrating to 2.5
* [CORE-288] - USB stick not detected correctly by
efw-backupusb
* [CORE-278] - When cleaning the system USB backups are not
considered
* [CORE-148] - Instead of keeping 3 USB backups when rotating
only 2 are kept
* [CORE-113] - Error creating the cron link for scheduled
automatic backups
* [CORE-220] - More backups than configured are stored
* [CORE-427] - Deadlock during the reading/writing of
SettingFiles
* [CORE-264] - Logout button does not work for all browsers
* [CORE-236] - After an update efw-shell does not display
correctly the new/updated commands"
* [CORE-122] - In policy routing rules only CS0 Type of
Service can be selected
* [CORE-107] - Dnsmasq sometimes fails to restart which causes
monit to use a huge amount of resources
* [CORE-88] - Backup uplinks do not work if they are Ethernet
uplinks
* [CORE-497] - Collectd does not start on boot with new
version of monit
* [CORE-211] - Dependency to efw-httpd is missing
* [COMMUNITY-15] - RPM triggers interrupt update process
* [CORE-451] - GUI port is hardcoded for redirection
* [CORE-268] - Reboot required not shown after kernel upgrade
* [CORE-482] - emicommand hangs because of curl blocking
* [CORE-137] - YAML storage raises an exception when trying to
load a valid YAML file that contains a list
instead of a dictionary
* [CORE-369] - Interzone firewall rules are not created after
migration to 2.5
* [CORE-119] - When switching from advanced to simple mode
editing destination NAT rules the filter policy
is changed to ALLOW
* [CORE-118] - Target port of Destination NAT is not disabled
when the incoming protocol is "Any"
* [CORE-115] - Incoming Service/Port field of Port forwarding/
Destination NAT is editable, even if Service
and Protocol are both set to "Any"
* [CORE-106] - The bridges job status is wrong, "restart"
instead of "start"
* [CORE-335] - jobcontrol hangs when sync restarting jobs
* [CORE-326] - Jobengine exception during update
* [CORE-257] - Jobs are unnecessarily restarted multiple times
* [CORE-248] - Jobsengine memory leak when OpenVPN client
connects
* [CORE-131] - The efw-shell command "job" does not work due
to a syntax error
* [CORE-124] - AnaCronJob uses Job.start which sets force=True
even if not needed
* [CORE-123] - DownloadJob uses Job.start which sets
force=True even if not needed
* [CORE-120] - Timestamping signatures are recreated although
force is not set to true in CrawlerJob
* [CORE-321] - After migration from 2.4 to 2.5 RAID controller
mptsas is not working anymore
* [CORE-303] - Intel Network driver igb not supported for Quad
Intel 82580 Gigabit Network
* [CORE-190] - Enable FUSION_SAS driver
* [CORE-332] - twistd.log are not compressed and rotated in /
* [CORE-247] - Logrotate not run under various circumstances
* [CORE-87] - ntop UI is not accessible
* [CORE-251] - Logrotate configuration file is removed when
logrotate package is upgraded after efw-syslog
* [CORE-203] - purge-log-archives script fails under special
circumstances
* [UTM-414] - ntop segfault in libc-2.3.4.so/libntop-4.1.0.so
* [UTM-244] - ntop crashes if it is asked to monitor a
interface that is down
* [CORE-343] - VLAN configuration problem
* [CORE-174] - Local routes are missing in ip rule so user
defined rules always overrule local routes
* [CORE-86] - Policy Routing rules are not applied
* [CORE-80] - Upgrade of stripped RPM packages destroys
configuration files
* [UTM-378] - Double efw-dnsmasq packages after upgrade
* [UTM-338] - When updating efw-dnsmasq the httpd
configuration file is removed
* [UTM-322] - Anti-spyware signatures last update date is
inconsistent
* [UTM-320] - DNS black- and whitelists are ignored until the
cron job runs
* [UTM-317] - DNS anti-spyware blacklist is not working
* [UTM-316] - Black- and whitelisted domains are not erased
after saving settings
* [UTM-88] - Unable to download malwaredomains information
* [UTM-181] - Proxy PAC is not applied
* [UTM-93] - Denial of service triggered by access to the
proxy port
* [UTM-90] - DansGuardian blacklists and phraselists are
missing after an upgrade to 2.5
* [UTM-87] - DansGuardian blacklists and phraselists cannot
be downloaded
* [UTM-55] - Clamd is not started before HAVP
* [UTM-194] - HTTP proxy configuration ignores rules under
certain circumstances
* [UTM-81] - IMAP authentication fails if username contains
a @domain part.
* [CORE-219] - TOS/DSCP option breaks Quality of Service
* [UTM-119] - Snort is restarted twice during boot time
* [CORE-138] - System uptime is shown incorrectly
* [CORE-396] - Migration not called after upgrade to 2.5 due
to collectd
* [CORE-159] - Certain migration scripts are not executed
* [CORE-129] - Migration framework causes tracebacks if an RPM
package has an epoch set and a migration script
for it exists
* [UTM-108] - OpenVPN client calls missing "remove_rules"
method which is not controlled by jobengine and
uses a deprecated function
* [UTM-95] - Selecting GREEN in IPsec GUI corrupts IPsec
configuration file
* [UTM-230] - OpenVPN job fails to create user configuration
files if the push orange or push blue options
are enabled
* [UTM-97] - OpenVPN process cannot remove temporary files
because of wrong file owner
* [CORE-221] - OpenVPN client TUN device configuration is
broken
* [UTM-200] - Route to subnet behind OpenVPN gateway-to-
gateway user is set with wrong gateway IP
address if the user has a static IP assigned

Source: README, updated 2013-08-23





- wong chee tat :)




No comments: