X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=debian%2Fchangelog;h=3ef6af6dd9d2ab44381ca2f5615466bfc8a8c264;hb=bd63a4390f5d9b7b0c9c56487cf29e0ed485c512;hp=188f6918dc2e6579a1ac35ea4e6a22faa0f21e9c;hpb=b13794009e4a28de61dc44d484748913aa639e40;p=pve-firewall.git diff --git a/debian/changelog b/debian/changelog index 188f691..3ef6af6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,122 @@ +pve-firewall (4.2-4) bullseye; urgency=medium + + * re-build to avoid issues stemming from semi-broken systemd-debhelper version + + -- Proxmox Support Team Tue, 12 Oct 2021 10:39:05 +0200 + +pve-firewall (4.2-3) bullseye; urgency=medium + + * fix #2721: remove the (nowadays) bogus reject for TCP port 43 from the + default drop and reject actions + + -- Proxmox Support Team Fri, 10 Sep 2021 13:00:07 +0200 + +pve-firewall (4.2-2) bullseye; urgency=medium + + * re-set relevant sysctls on every apply round + + -- Proxmox Support Team Mon, 21 Jun 2021 11:31:42 +0200 + +pve-firewall (4.2-1) bullseye; urgency=medium + + * fix #967: source: dest: limit length + + * re-build for Debian 11 Bullseye based releases (Proxmox VE 7) + + * fix #2358: allow -- in firewall rule config files + + -- Proxmox Support Team Wed, 12 May 2021 20:32:30 +0200 + +pve-firewall (4.1-3) pve; urgency=medium + + * fix #2773: ebtables: keep policy of custom chains + + * introduce new icmp-type parameter + + -- Proxmox Support Team Fri, 18 Sep 2020 16:51:27 +0200 + +pve-firewall (4.1-2) pve; urgency=medium + + * revert: rules: verify referenced security group exists + + -- Proxmox Support Team Wed, 06 May 2020 17:41:36 +0200 + +pve-firewall (4.1-1) pve; urgency=medium + + * logging: add missing log message for inbound rules + + * fix #2686: avoid adding 'arp-ip-src' IP filter if guests uses DHCP + + * IPSets: parse the CIDR before checking for duplicates + + * verify that a referenced security group exists + + * ICMP: fix iptables-restore failing if ICMP-type values bigger than '255' + + * ICMP: allow one to specify the 'echo-reply' (0) type also as integer + + * improve handling concurrent (parallel) access and modifications to rules + + -- Proxmox Support Team Mon, 04 May 2020 15:01:57 +0200 + +pve-firewall (4.0-10) pve; urgency=medium + + * macros: add macro for Proxmox Mail Gateway web interface + + * api node: always pass cluster conf to node FW parser to fix false positive + error message about non existing aliases, or IP sets, when querying the + node FW options GET API call. + + * grammar fix: s/does not exists/does not exist/g + + -- Proxmox Support Team Mon, 27 Jan 2020 19:25:49 +0100 + +pve-firewall (4.0-9) pve; urgency=medium + + * ensure port range used for offline storage migration and insecure migration + traffic is allowed by default rule set. + + -- Proxmox Support Team Tue, 03 Dec 2019 08:12:20 +0100 + +pve-firewall (4.0-8) pve; urgency=medium + + * increase default nf_conntrack_max to the kernel's default + + * fix some "use of uninitialized value" warnings when updating CIDRs + + * update schema documentation + + * add explicit dependency on libpve-cluster-perl + + * add support for "raw" tables + + * add options for synflood protection for host firewall: + - nf_conntrack_tcp_timeout_syn_recv + - protection_synflood: boolean + - protection_synflood_rate: SYN rate limit (default 200 per second) + - protection_synflood_burst: SYN burst limit (default 1000) + + -- Proxmox Support Team Mon, 18 Nov 2019 13:48:20 +0100 + +pve-firewall (4.0-7) pve; urgency=medium + + * only add VM chains and rules if VM firewall is enabled + + -- Proxmox Support Team Wed, 7 Aug 2019 10:55:06 +0200 + +pve-firewall (4.0-6) pve; urgency=medium + + * firewall macros: add new Ceph protocol v2 port while keeping v1 port + + -- Proxmox Support Team Tue, 23 Jul 2019 18:57:48 +0200 + +pve-firewall (4.0-5) pve; urgency=medium + + * don't use any base path at all for calls to external binaries to make use + compativle with bot, /usr merged and unmerged setups + + -- Proxmox Support Team Fri, 12 Jul 2019 11:47:53 +0200 + pve-firewall (4.0-4) pve; urgency=medium * ebtables: remove PVE chains properly