mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-16 07:11:05 +01:00
8ddc51bc8b
Obtained from: Yes development tree (+ 10 lines of patches from Charles Mott, original libalias author)
127 lines
4.1 KiB
Plaintext
127 lines
4.1 KiB
Plaintext
Version 1.0: August 11, 1996 (cjm)
|
|
|
|
Version 1.1: August 20, 1996 (cjm)
|
|
- Host accepts incoming connections for ports 0 to 1023.
|
|
|
|
Version 1.2: September 7, 1996 (cjm)
|
|
- Fragment handling error in alias_db.c corrected.
|
|
|
|
Version 1.3: September 15, 1996 (cjm)
|
|
- Generalized mechanism for handling incoming
|
|
connections (no more 0 to 1023 restriction).
|
|
|
|
- Increased ICMP support (will handle traceroute now).
|
|
|
|
- Improved TCP close connection logic.
|
|
|
|
Version 1.4: September 16, 1996 (cjm)
|
|
|
|
Version 1.5: September 17, 1996 (cjm)
|
|
- Corrected error in handling incoming UDP packets
|
|
with zero checksum.
|
|
|
|
Version 1.6: September 18, 1996
|
|
- Simplified ICMP data storage. Will now handle
|
|
tracert from Win95 and NT as well as FreeBSD
|
|
traceroute, which uses UDP packets to non-existent
|
|
ports.
|
|
|
|
Verstion 1.7: January 9, 1997 (cjm)
|
|
- Reduced malloc() activity for ICMP echo and
|
|
timestamp requests.
|
|
|
|
- Added handling for out-of-order IP fragments.
|
|
|
|
- Switched to differential checksum computation
|
|
for IP headers (TCP, UDP and ICMP checksums
|
|
were already differential).
|
|
|
|
- Accepts FTP data connections from other than
|
|
port 20. This allows one ftp connections
|
|
from two hosts which are both running packet
|
|
aliasing.
|
|
|
|
- Checksum error on FTP transfers. Problem
|
|
in code located by Martin Renters and
|
|
Brian Somers.
|
|
|
|
Version 1.8: January 14, 1997 (cjm)
|
|
- Fixed data type error in function StartPoint()
|
|
in alias_db.c (this bug did not exist before v1.7)
|
|
Problem in code located by Ari Suutari.
|
|
|
|
Version 1.9: February 1, 1997 (Eivind Eklund <perhaps@yes.no>)
|
|
- Added support for IRC DCC (ee)
|
|
|
|
- Changed the aliasing routines to use ANSI style
|
|
throughout (ee)
|
|
|
|
- Minor API changes for integration with other
|
|
programs than PPP (ee)
|
|
|
|
- Fixed minor security hole in alias_ftp.c for
|
|
other applications of the aliasing software.
|
|
Hole could _not_ manifest in ppp+pktAlias, but
|
|
could potentially manifest in other applications
|
|
of the aliasing. (ee)
|
|
|
|
- Connections initiated from packet aliasing
|
|
host machine will not have their port number
|
|
aliased unless it conflicts with an aliasing
|
|
port already being used. (There is an option
|
|
to disable this for debugging) (cjm)
|
|
|
|
- Sockets will be allocated in cases where
|
|
there might be port interference with the
|
|
host machine. This can be disabled in cases
|
|
where the ppp host will be acting purely as a
|
|
masquerading router and not generate any
|
|
traffic of its own.
|
|
(cjm)
|
|
|
|
Version 2.0: March, 1997 (cjm)
|
|
- Aliasing links are cleared only when a host interface address
|
|
changes.
|
|
|
|
- PacketAliasPermanentLink() API added.
|
|
|
|
- Option for only aliasing private, unregistered
|
|
IP addresses added.
|
|
|
|
- Substantial rework to the aliasing lookup engine.
|
|
|
|
Version 2.1: May, 1997 (cjm)
|
|
- Continuing rework to the aliasing lookup engine
|
|
to support multiple incoming addresses and static
|
|
NAT. PacketAliasRedirectPort() and
|
|
PacketAliasRedirectAddr() added to API.
|
|
|
|
- Now supports outgoing as well as incoming ICMP
|
|
error messges.
|
|
|
|
Version 2.2: July, 1997 (cjm)
|
|
- Rationalized API function names to all begin with
|
|
"PacketAlias..." Old function names are retained
|
|
for backwards compatitibility.
|
|
|
|
- Packet aliasing engine will now free memory of
|
|
fragments which are never resolved after a timeout
|
|
period. Once a fragment is resolved, it becomes
|
|
the users responsibility to free the memory.
|
|
|
|
Version 2.3: August 11, 1997 (cjm)
|
|
- Problem associated with socket file descriptor
|
|
accumulation in alias_db.c corrected. The sockets
|
|
had to be closed when a binding failed. Problem
|
|
in code located by Gordon Burditt.
|
|
|
|
Version 2.4: September 1, 1997 (cjm)
|
|
- PKT_ALIAS_UNREGISTERED_ONLY option repaired.
|
|
This part of the code was incorrectly re-implemented
|
|
in version 2.1.
|
|
|
|
Version 2.5: December, 1997 (ee)
|
|
- Added PKT_ALIAS_PUNCH_FW mode for firewall
|
|
bypass of FTP/IRC DCC data connections. Also added
|
|
improved TCP connection monitoring.
|