Version 2.6, published 2008-07-15
This is a feature release focussing on changes on the interface with
few modifications at the base system. This release received the highest
amount of in-house testing so far and is thus to be considered stable
during the upcoming developments for Gibraltar 3.x.
- New web interface module for configuring snort as IDS, which is now
officially supported. Please note that we strongly recommend registering
with VRT to receive an update code (in either of the free or commercial
variants) and that the shipped community rules should only be used when
registering is, for some reason, not possible in the specific case.
- Puresight is now better supported in its Enterprise version.
- SSL Explorer (TM) integration has been changed slightly so that plugins
can now be installed via its normal administration interface.
- Substantially improved traffic shaping by re-ordering iptables marking
rules and improving pre-defined traffic classes. If traffic shaping is
in use, we strongly recommend upgrading to this release.
- New extensive connection-manager script to support multiple uplinks and
alternative IPSec tunnels (currently for fail-over with partial load-
balancing support).
- Installed hostapd and added web interface support for configuring access
point functionality (focussed on madwifi supported cards at the moment).
- Virus scanning for HTTP, POP3, and FTP is now possible without requiring
a hard disk due to tweaks in config files and careful management of a
temporary /var storage area (such as tmpfs).
- A new spamassassin module for classifying languages has been included
and can be configured using the web interface.
- Also installed madwifi-tools and updated kernel modules to version 0.9.4
for better access point capabilities.
- Updated ntop to version 3.2.
- Updated ppp to version 2.4.4 with additional patch for "ifname" option
so that multiple PPP connections can be supported easier (e.g. for
multiple concurrent uplinks).
- Updated snort to version 2.7.0 and installed its new dependency libpng12.
- Updated djbdns to fix resolving from some broken DNS servers.
- Updated HAVP to version 0.88.
- Updated tor to version 0.1.2.18.
- Some minor changes to boot and init scripts to better support our upcoming
GSG500 that does not feature any usual console support but has optional
WLAN (access point) support.