Snort2Pf

File Release Notes and Changelog

Release Name: 4.3

Notes:


Changes:
####
##    4.3 (2007-11-29)

- add the -t option to use a table instead of an anchor
- improve manpages

####
##    4.2 (2007-11-27)

- double amnesty time for recidivists
- add whitelist support
- dump status in syslog as LOG_DEBUG when SIGUSR1 is received

####
##    4.1 (2007-11-14)

- rewrite idpsinfo it can run without /usr
- top(1)-style behaviour is now optional and uses the same syntax as systat(1)
- don't use sudo(8) inside the script, let the user choose if he needs to
- rename it to snort2pfmon meanwhile

####
##    4.0 (2007-10-11)

- make snort2pf work on alert_fast as well as alert_full
- take over blocked hosts from previous instance
- kill states associated to the offending host along with blocking it
- extend amnesty when a new alert affects an already blocked host
- handle alert file rotation
- log everything to syslog using LOG_DAEMON facility
- store PID in /var/run/snort2pf.pid
- improve amnesty processing efficiency from O(n) to O(1)
- use Getopt::Std instead of hand-rolled command-line parsing