[ previous ] [ next ] [ threads ]
 
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  m0n0wall dash announce at lists dot m0n0 dot ch
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  pb27 released
 Date:  Sat, 07 Feb 2004 21:39:51 +0100
This release brings quite a few changes/improvements to NAT support in 
m0n0wall (read the change log for details). People who relied on the 
automatic WAN IP aliasing function (for 1:1/Server NAT mappings) need to 
set up Proxy ARP now - this is a much cleaner and more powerful way of 
doing it. Those that use 1:1 or Server NAT with routed subnets or 
PPPoE/PPTP WAN connections don't need Proxy ARP.

Another new feature that is noteworthy is the interface auto-detection 
in the console menu. This should simplify initial setup on generic PCs 
where the correlation between BSD interface names and actual physical 
interfaces may not be clear.

Finally, I have picked up some random feature/change requests from the 
mailing list.

Here's the full change log:


- it is now possible to map entire subnets in 1:1 NAT (they may not 
overlap with other server NAT entries, advanced outbound NAT entries or 
the WAN IP address)

- added proxy ARP service

- IP aliases are no longer added automatically to the WAN interface for 
1:1 NAT and server NAT mappings (use proxy ARP if required)

- added interface auto detection to "assign network ports" console menu item

- the target (external) address for the mapping can now be specified on 
the advanced outbound NAT page

- added "Clear log" button to log pages

- config file read/write locking to avoid race conditions

- made webGUI username configurable

- added more BPF devices to fix problem with dhcpd on machines with more 
than 4 interfaces

- added headers to webGUI pages to ensure that they are not cached

- fixed bug: failed to resync ipfilter on PPTP VPN linkup

- renamed "internal" and "external subnet" to source and destination, 
respectively, on the advanced outbound NAT page (to reduce confusion)

- disabled MSCHAPv1 (insecure) and CHAP-MD5 (no use with MPPE encryption 
anyway) in PPTP VPN server


Enjoy,

Manuel