$Id: ChangeLog,v 1.101 2007/05/31 14:49:09 bhockney Exp $ Version 0.93 2007-05-31 - Fix netfilter syslog parser for case where no log prefix and/or log host. - Fix netfilter syslog parser to handle alternate date formats. - Fix potential directory traversal vulnerablility - CVE-2007-585. - Fix MySQL setup script to grant needed additional rights. - Makefile updates. - Add webfwlog.conf parameter for syslog log file formats to parse. - Tweak ipfilter parser. - HTML fixes. - Code cleanup. - Documentation updates. Version 0.92 2006-03-04 - Accept arbitrary column definition for SQL queries. - Keep state properly for sort order on home page. - Add links to home page and report editor on output page. - Improve presentation for protocols other than tcp/udp/icmp. - Fix matched record count when HAVING clause is invoked for ulog queries. - Fix Makefiles to create directory structure if needed. - Change name of allow_additional_where to allow_raw_sql in webfwlog.conf. - Check MySQL version 5.0 for production release. - Show progress indicator when updating hostnames cache as separate operation. - Remove bash-ism from database setup scripts. - Do not depend on access to mysql database in setup script - Code cleanup. - Documentation updates. Version 0.91 2005-04-21 - Add support for ipfw log files. - Add support for windows XP log files. - Change name of entry page from webfwlog.php to index.php. - Support PostgreSQL >= 7.1 (had required >= 7.3). - Allow selection using ranges or multiple values for all numeric fields and protocol. - Allow selection by regular expression for input/output interfaces and MAC address. - Implement selection by earliest or latest logged packet for PostgreSQL. - Allow selection by earliest or latest logged packet using oob time (ulogd). - Add MAC address to packet detail page. - Add total matched packets sum to report footer on summarized reports. - Do not update hosts or populate cache while drilling down on unlimited report. - Segregate populate cache segment time from update hostnames time. - Add segment times to syslog output. - Change 'Log Prefix' to 'Log Label'. - Add default syslog file spec in webfwlog.conf. - Get name of default_data_source parameter right in webfwlog.conf! - Use temporary file instead of pipe for report definition with syslog parser. - Use new PostgreSQL functions with php >= 4.2. - Improve detection of MySQL and PostgreSQL library and header files. - Do less work in configure when not building syslog parser. - Do not print sql query on failure if allow_be_verbose is not set. - Be explicit about sort order in SQL ORDER BY clause. - Gracefully respond to bad report code in url. - Print blank instead of 0 for source/destination port for icmp packets (syslog). - Use dformat parameter from webfwlog.conf for presentation of syslog dates. - Fix presentation of earliest and latest dates when only one packet matches (syslog). - Fix presentation of hostname when IP does not resolve and is not in cache. - Fix syslog parser when resolving hostnames and services when not updating cache. - Fix syslog selection by date, local hostname or log label when test value contains ','. - Fix evaluation of octal values in criteria (ulogd). - Fix cache update/populate for summarized reports. - Fix cache update with syslog parser and PostgreSQL. - Fix hostnames cache update with PostgreSQL when not updating all with ulog. - Fix services cache update when not updating all with ulog. - Fix webfwlog crash with PostgreSQL and default data source of syslog. - Fix case where no tcp options are selected to match. - Fix drill-down on regular expression fields to match exact text displayed. - Fix parsing of tcp sequence number with ipfilter. - Fix case when page length is zero. - Fix page refresh when drilling down. - Fix state maintenance for data source after drill-down then return to main menu. - Fix navigation after cancel on import/save/delete/export then return to main page. - Fix navigation using back button from selection/sorting/criteria pages. - Fix compiler warnings on some platforms - Harden against SQL / HTML injection. - Improve database setup scripts. - Check for and require session ID propagation. - Check for and require supported database server version at startup. - Makefile revisions to support package managers. - Tweak example report definitions. - Add debug parameter to webfwlog.conf. - Code cleanup. - Documentation updates. Version 0.90 2004-11-11 - Add support for system logs in netfilter and ipchains format (linux), and ipfilter format (BSD, etc.) - Allow netmask when selecting by IP address. - Allow multiple IP address selection criteria. - Add input controls for all fields on criteria menu. - Allow criteria specification in hex and octal. - Add Always Populate Cache as run-time option for reports. - When updating cache as manually, by default only update cache for entries added with Populate Cache option. - Add button to resolve hostnames and update cache on packet detail page. - Add meta-refresh setting to report definition. - Always compute total matching lines on LIMITed report. - Update last_accessed time when saving report. - Allow webfwlog tables to be in separate database (MySQL) or schema (PostgreSQL). - Allow override of data source at runtime (suggested by Steven Van Acker). - Print 1/0 instead of t/f for TCP Options for PostgreSQL ulogd. - Reorganize and update database setup scripts. - Add failsafe defaults for config file parameters. - Make note of default settings in webfwlog.conf. - Add 'none' as db type. - Change show_sql to be_verbose to be appropriate to all data sources. - Allow unix domain sockets for PostgreSQL. - Allow PHP 4.1 when using PostgreSQL (had required PHP 4.2). - Use configure script to automate building and installation. - Fix broken buttons after saving report definition. - Fix status message and html page title to show correct report code in editor. - Fix case where the test value of a criterion = 0. - Fix problem with no display of resolved hostnames on packet detail page with PostgreSQL. - Fix problem with no display of resolved hostnames on packet detail page when ip stored as text in ulogd. - Always print SQL query if it fails. - Update documentation. Version 0.87 2004-6-1 - Add support for multiple ports and ranges. - Add selection controls on report editor for min and max count. - Improve presentation of fragmentation offset field. - Only update hostnames / services appearing in report when updated at runtime. - When updating cache at runtime update cache before running query! - Add multiple paging links. - Fix paging while drilling down. - HTML changes for reasonable rendering on Netscape 4.xx. Version 0.86 2004-4-10 - Fix problem with multiple sorts using report header links. - Fix problem with resolved hostnames on packet page with non-int field types. - Fix problem reloading page after using help links on report editor page. - Minor documentation updates. Version 0.85 2004-2-2 - Add config file option to change location of PHP saved session data. - Add config options to tune PHP. - Add resolved service names on packet detail page. - Update scripts for MySQL and PostgreSQL. - Fix PostgreSQL problem on drill-down on count column. - Fix drill-down on count column for icmp. - Fix broken cancel button on update cache page. - Force flush of output during cache update. Version 0.84a 2004-1-16 - Fix bug for drill-down on count column. Version 0.84 2004-1-13 - Added ability to sort reports on main page. - Add Update Cache button on main page. - Add resolved hostnames on packet detail page. - Fix drill-down for non-tcp protocols. - Suppress icmp packets when drilling-down on tcp or udp port. - Suppress blank last page for limited reports when matching rows are a multiple of page length. - Print more meaningful row info in footer of limited reports. - Make row info part of table. - Use sessions instead of cookies for state maintenance. Version 0.83 2003-12-15 - Fix to allow intuitive navigation with browser 'back' and 'refresh' buttons while 'drilling-down'. - Make tab order on forms more intuitive. - Give each functional page a descriptive name for better navigation. - Use client-side filesystem instead of server-side for import and export. - Only select tcp packets on drill-down on tcp options. - Fix for display when sport or dport = 0 (was blank). - Fix sample reports with 'HAVING' clause. - Clean up debugging code. - Do not need to force oob time in sample reports. Version 0.82 2003-11-23 - Add PostgreSQL support. - Add support for log-ip-as-string. - Fix cache update when keys are duplicated. - Add more status output during cache update. - Use common cache update code. - Minor html fix in report editor documentation. - Add additional parameter checking. - Make labels on earliest and latest columns unique. Version 0.81 2003-11-18 - Added documentation for report editor. - Fix compatibility with PHP 4.1. - Gracefully respond to missing config file. Version 0.8 2003-11-15 - Initial public release.