2000-08-31 Bruce Guenter * ipmkchains_constants.py (mask2bits): Moved the table of netmask to bit count translations into the constants. 2000-06-27 Bruce Guenter * ipmkchains.py (add_route_rules): Added this command to translate the routing table into a set of source address tests. * ipmkchains_types.py (Route): Added a new Route class, and a raw2route method for converting from raw Linux route data. (Address.__str__): Added str and repr conversions for the Address class. 2000-06-15 Bruce Guenter * Released version 0.16 * ipmkchains.py (rule): Added support for port ranges (a tuple containing two ports), and fixed the negation of ports to indicate a "not-matching" condition. 2000-06-12 Bruce Guenter * Released version 0.15 * ipmkchains.py (install): Scan the the standard chains last, to try to avoid creating references to nonexistant chains. 2000-05-18 Bruce Guenter * Released version 0.14 * ipmkchains.py (_scan_chain): Fixed bug in determining where to restart after diff outputs a "@@" line. 2000-03-24 Bruce Guenter * Released version 0.13 * ipmkchains.py (rule): Added test to make sure target=REDIRECT when redirect is set. 2000-03-20 Bruce Guenter * Released version 0.12 * ipmkchains.py (rule): Raise an exception when trying to set a port for protocols other than ICMP, TCP, or UDP. * ipmkchains_types.py (Rule.command): Output the redirect port after the "jump" if it's set. Also made more of the options not output if they're set to defaults. 2000-02-23 Bruce Guenter * Released version 0.11 * ipmkchains_types.py (Rule.command): Added support for negation for SYN and FRAG flags. 2000-02-18 Bruce Guenter * Released version 0.10 * ipmkchains_constants.py: Moved all the constants into this module. * ipmkchains_types.py: Moved all the type definitions (Address, Rule) into this module, along with the type conversion functions. * ipmkchains.py (Address.__neg__): Added the negate operator to produce an address with the negate flag inverted. 2000-02-17 Bruce Guenter * Released version 0.9 * ipmkchains.py: Converted the "address" tuple into a class named "Address". (rule): Handle negated "syn" and "fragment" flags properly. (rule): Allow "None" as a protocol type. 2000-02-03 Bruce Guenter * Released version 0.8 * ipmkchains.py (rule): Added handling for numerical or named ICMP types. 2000-02-01 Bruce Guenter * Released version 0.7 * ipmkchains: Wrote this script that imports ipmkchains.py, along with a set of rule files specified on the command line, and installs the rule sets after reading them all in (using exec). * ipmkchains.py (_scan_chain): Added verbose flag to optionally add all the diff output lines to the command list as comments. 2000-02-01 Bruce Guenter * ipmkchains.py (command): Added support for commands that explicitly go before the main setup commands, and that go after, using the "command_pre" and "command_post" routines. (install): Make the flushing and deleting of chains a post command, and the creation of chains a pre command.