|
||||||||||
This release brings quite a few changes/improvements to NAT support in m0n0wall (read the change log for details). People who relied on the automatic WAN IP aliasing function (for 1:1/Server NAT mappings) need to set up Proxy ARP now - this is a much cleaner and more powerful way of doing it. Those that use 1:1 or Server NAT with routed subnets or PPPoE/PPTP WAN connections don't need Proxy ARP. Another new feature that is noteworthy is the interface auto-detection in the console menu. This should simplify initial setup on generic PCs where the correlation between BSD interface names and actual physical interfaces may not be clear. Finally, I have picked up some random feature/change requests from the mailing list. Here's the full change log: - it is now possible to map entire subnets in 1:1 NAT (they may not overlap with other server NAT entries, advanced outbound NAT entries or the WAN IP address) - added proxy ARP service - IP aliases are no longer added automatically to the WAN interface for 1:1 NAT and server NAT mappings (use proxy ARP if required) - added interface auto detection to "assign network ports" console menu item - the target (external) address for the mapping can now be specified on the advanced outbound NAT page - added "Clear log" button to log pages - config file read/write locking to avoid race conditions - made webGUI username configurable - added more BPF devices to fix problem with dhcpd on machines with more than 4 interfaces - added headers to webGUI pages to ensure that they are not cached - fixed bug: failed to resync ipfilter on PPTP VPN linkup - renamed "internal" and "external subnet" to source and destination, respectively, on the advanced outbound NAT page (to reduce confusion) - disabled MSCHAPv1 (insecure) and CHAP-MD5 (no use with MPPE encryption anyway) in PPTP VPN server Enjoy, Manuel |