forked from e2guardian/e2guardian
-
Notifications
You must be signed in to change notification settings - Fork 0
/
DGChangeLog
executable file
·1380 lines (1160 loc) · 69.4 KB
/
DGChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
June 2013 - DansGuardian 2.12.0.7
- Added, DansGuardian now supports epoll (partial and Linux only), bringing large increases in performance and scalability to Linux System - By Philip Pearce (e2bn.org)
This feature must be used with --with-filedescriptors=N compile option
- Fixed security bug, Dansguardian uses -USER- and -REASONGIVEN- that are replaced with what is necessary. In the authentication if we input html code or javascript it will include it on the error page, Thanks to Alfredo Sylva for report. - by frederic Bourgeois
May 2013 - DansGuardian 2.12.0.6
- Fixed Reportinglevel per filtegroup By frederic Bourgeois
- Added sslaccessdeniedaddress (fix HTTPS denied blanck page with reporting level 3 - only with firefox -) By frederic Bourgeois
- Added ssldeniedrewrite (fix HTTPS denied blanck page with reporting level 3, need an HTTPS website - By frederic Bourgeois
- Added zero value (optional) for some options, like maxcontentramcachescansize - By frederic Bourgeois
- Some minor efficiency improvements (remove GCC warning, etc) - By Frederic Bourgeois
April 2013 - DansGuardian 2.12.0.5 - alpha
- Increase max children to support large networks by Frederic Bourgeois
This new option is used to define the number of file descriptors for DansGuardian on large system
Need to recompile DansGuardian with the --with-filedescriptors=N compile option
configure option --with-filedescriptors=N N=MaxChildren Max
January 2013 - Dansguardian 2.12.0.4 - alpha
- Set persistent cnx timeout in e2guardian.conf by Frederic Bourgeois
- Multiple auth fixed - checked only with one port - (crash fixed before patch #9) - by Frédéric Bourgeois
- French translation update (accents problem) - by Frédéric Bourgeois
- Added allow regex header filtering with greylist - Frédéric Bourgeois
- MITM issues null ceriticate end date value (fixed) - by Marcelloc
- Concat values resulting in /// on cert path (fixed) - by Marcelloc
- Mitm_magic check code does not work, even if you do not set any mitm key (disabled in code)(ConnectionHandler.cpp) - by Marcelloc
- Re-include general max_upload_size general option - use max_upload_size general value if not set in filtergrouplist - by Marcelloc
- Fixed maxuploadsize silently ignored - all posts blocked - (patch #12) by Frederic Bourgeois
- Applied patch 1 (allow regex filtering with greylist) - by Frederic Bourgeois
- Fixed minor compilation error - by Frederic Bourgeois
- Applied patch 13 (CONNECT broken due to attempted persistency) - by Nils Goroll
September 2012 - Dansguardian 2.12.0.3 - alpha
- Fixed memory leaks reported by analysis from coverity
- Improved persistent connection for a better RFC compliant implementation, but not yet fully HTTP 1.1
- Minor improvement for debug output
- Applied patch #11 (Maxuploadsize per filtergroup) by Frederic Bourgeois
September 2012 - Dansguardian 2.12.0.2 - alpha
- Applied patch #9 (Crash when more than one authplugin are selected) by Frederic Bourgeois
- Added feature to allow Facebook mock ajax (request #6) by Jason Spiro
- Added contrib dir
- Added a new html & css validated html template in contrib (request #3). By Chris Peschke
- Converted iso-8859 message files to utf-8 (bug #86). Suggested by Fred Ulisses Maranhao
- Fixed Error reading Content-Length (bug #84). By Carlos Soto
- Fixed compilation error BSD due lack of string.h when using memcpy() (bug #75). By Alexander Hornung
- Fixed exceptioniplist case sensitivity (bug #11). By Mark J Hewitt
- Fixed accept-encoding support for new tokens (bug #13). By userquin
May 2012 - Dansguardian 2.12.0.1 - alpha - UNRELEASED
- Applied patch 3438750 (GCC 4.4 and 4.6 compatibility) by Mathieu PARENT
- Applied patch 3438749 (French translation update) by Mathieu PARENT
- Applied patch 3418297 (Set proxy timeout in e2guardian.conf) by Frederic Bourgeois
- Applied patch 3419088 (login/password in URL is dropped) by Mathieu PARENT
- Applied patch 3419089 ("Expect" header should be dropped) by Mathieu PARENT
- Applied patch 3438751 (Fix queue handling in OptionContainer) by Mathieu PARENT
- Applied patch 3515167 (Fix digest identication) by Frederic Bourgeois
- Fixed GCC warnings
- LFS review in String.cpp (requires different arch review yet)
August 2011 - DansGuardian 2.12.0.0 - alpha
- Search term filtering
- POST data scanning
- ClamAV scanner removed (direct library usage, not ClamD)
- "KavAV" scanner removed (direct library usage, not KavD)
- Fix crash on logging very long URLs
- Per-group PICS settings
- Option to use a specific blocked response for Flash
(".swf" URLs; "application/x-shockwave-flash" MIME type)
- HTTPHeader bug fixes re. persistent connection detection,
crash in some (unknown) circumstances when trying to tunnel POST data
- Added per-room-blocking.
- Fixed a very old problem with gentle restarts where DG would fail to release the RAM for the first set of config loaded. This was very noticeable on systems with many groups.
- Added the ability to have DG listen on more than one port and to use a different authentication plugin on each port. However, some combinations are just not physically possible - for example basic auth (proxy auth) won't mix with other authentication methods.
- Added transparent NTLM authentication, however to be useful needs an authentication daemon and daemon-aware, NTLM-enabled web server. (read source code for how to use it)
- Added experimental SSL MITM. (read source code for how to use it)
- Added experimental SSL certificate checking. (read source code for how to use it)
- Added patch by Massimiliano Hofer to add Avast! support.
- Tidied up licensing notices and removed some email addresses.
- Support individual log items up to 32KB in length, which may require multiple calls to getLine to read in.
2010 - DansGuardian 2.11.*.*
- Unreleased.
Fri 5th June 2009 - DansGuardian 2.10.1.1 - stable
- Add "originalip" option to e2guardian.conf, for determining
the original destination IP in transparent proxy set-ups, and
ensuring that the destination domain of the request resolves to
that IP. This can help to address a particular transparent
proxy security vulnerability (US-CERT VU#435052), but because of
certain limitations - only implemented on Linux/Netfilter;
potential breakage of websites using round-robin DNS - the code
is not enabled by default. Enable by passing "--enable-orig-ip"
to the configure script.
- Fix a crash which could occur when dealing with simultaneous
incoming connections in configurations using more than one
listening socket.
- Fix a crash when checking time limits on item lists.
- Fix potential usage of uninitialised memory during phrase
filtering.
Wed 21st January 2009 - DansGuardian 2.10.0.3 - stable
- uClibc++ compilation patch from Natanael Copa.
- Fix crash on exit when running out of memory during phrase tree
preparation, from Victor Stinner.
- Clean up destructors for various objects, removing code duplication
with reset() methods.
- Compilation fixes from Jeffrey A. Young.
- Better handling of whitespace (tab characters) in configuration files.
- Fix HTTPS access for unauthenticated users when using basic or NTLM
authentication plugins.
- Reload list files on soft restart if cached (".processed") files have
been updated directly, from Harry Mason.
- Chop carriage return off useragent strings when "loguseragent" is
enabled.
- Don't force contents of e2guardianf*.conf files to lower-case on
loading, so as not to destroy the case of group names.
- Make temporary bypass cookies valid for subdomains of the original
bypassed domain, including stripping "www.".
Wed 26th November 2008 - DansGuardian 2.10.0.2 - stable
- Fix persistent connection detection to resolve issues with HTTP 1.1
browsers (Firefox), NTLM authentication and HTTPS websites.
- Change supported syntax for blocking HTTPS site access by IP to match
that documented in the default bannedsitelist (use "*ips", as
documented, NOT "**ips").
Tue 21st October 2008 - DansGuardian 2.10.0.1 - stable
- Improve malformed URL detection (dc2008.de no longer incorrectly
classed as malformed).
- Improve persistent connection detection, correcting some situations in
which DG would return a blank page to browsers.
- Updated "proxies" weighted phrase list.
- Updated Chinese Big-5 messages file from Vicente Chua.
Wed 8th October 2008 - DansGuardian 2.10 - STABLE!
- Fixed handling of content with no MIME type: it will be phrase filtered,
but no Content-Type header will be inserted into the response, so a
browser's own automatic type detection doesn't get interfered with
- Fixed a performance issue with CONNECT requests being incorrectly marked
as persistent, identified by Jason Deasi
- Updated the man page (Jens Wilke) and French messages file (Jeanuel)
- Clarifications to some of the included documents (INSTALL, UPGRADING)
- Considered stable (future planned changes are fairly wide reaching, so
work will continue in a new series of beta releases)
Thu 11th September 2008 - DansGuardian 2.9.9.8
- Assume that content with no Content-Type header is HTML, so that it
doesn't bypass the phrase filter.
- Fix some incorrect usage of integer types in ListManager and
ListContainer which can lead to crashes in some rare cases.
- Escape certain characters in URLs when displaying the HTML template to
prevent XSS.
- Don't add responses other than "200 OK" to the clean URL cache.
Mon 18th August 2008 - DansGuardian 2.9.9.7 - stable-surely
- Fixed problem with PID file creation when pidfilename is not
explicitly given in the config.
Wed 13th August 2008 - DansGuardian 2.9.9.6 - stable-surely
Build system clean-ups:
- Use pkg-config to detect PCRE and ClamAV, not pcre-config and
clamav-config. Please note that this means DG now depends on
pkg-config.
- Remove platform.h.in and use preprocessor symbols from dgconfig.h
directly
- Define preprocessor symbols corresponding to directory names using
CXXFLAGS in the makefile, not platform.h, as the latter is no longer
processed by the autotools
- Remove checks in configure script for functions not actually called by
the code
- Remove a lot of obsolescent tests from the configure script, and get
rid of platform.h completely as a result
Improvements/bugfixes:
- Fix an off-by-one error in NaughtyFilter which could result in phrase
matching code looking at an uninitialised byte during filtering
- Allow regular expression comments with PCRE
- Fix a child process handling error which would cause DG to become
unresponsive if restarted then soft-restarted in quick succession
Mon 9th June 2008 - DansGuardian 2.9.9.5 - do-we-really-still-call-it-beta
- IP range & subnet support in banned & exception IP lists.
- Honour "--with-sysconfsubdir" setting when installing config. files.
- Code clean-ups: remove some unused function arguments, and eliminate
compiler warnings from checks enabled by default in recent versions of
GCC.
- New contributed Polish pornography and "good" weighted phrases.
Tue 29th April 2008 - DansGuardian 2.9.9.4 - beta
- Replaced quicksort with std::sort when loading in site & URL lists -
should behave better with pre-sorted input.
- Switch back to original compressed data before sending content to
clients, if the decompressed data is found to be zero length (i.e. just
compression headers).
- Change file blocking logic; exceptionextensionlist and
exceptionmimetypelist are now always loaded, and can override the banned
lists (much more similar to URL/domain blocking).
- ClamAV plugin updated to work with 0.93-style unpacking limits (only;
no support for 0.92.1 or earlier).
Wed 27th February 2008 - DansGuardian 2.9.9.3 - beta
- Large file (2GB+) download & scanning support
- Updated German block page template from Peter Vollmar
- Small fix to phrase matching to allow it to match the full 0-255 range
for each byte, improving foreign language filtering
- Fix for incorrect interpretation of URLs containing colons in list
files (long standing but rare bug; could cause memory corruption and
match failures)
- More documentation added to the installation (not new content, but
docs that were previously only in the source tarball now get installed)
Thu 13th December 2007 - DansGuardian 2.9.9.2 - beta
- Fixed a few memory leaks, including a fairly large one in the String
class.
- Attempt to allocate less memory when reading in phrase lists (start
small, and resize the block if needed).
- Check for out-of-memory conditions when loading phrase lists, as this
was a common cause of segfaults on soft restart on systems with low free
memory (daemon will still die, but a bit more gracefully).
- Re-worked phrase filtering: fix occurrence counting for combination
phrases, and possible performance improvements in weightedphrasemode 2.
- Digest auth support (based on contributions by Darryl Sutherland).
- uclibc compatibility patch from Gentoo Linux.
- Example of headerregexplist usage: force filtering on Windows Live
Search by cookie modification.
- Contributed updates to some of the language templates.
- Miscellaneous other bug fixes, applications of const correctness, etc.
Fri 24th August 2007 - DansGuardian 2.9.9.1 - beta
- Fix for transparent proxying.
- Fixed missing list and language files omitted from previous release.
Mon 13th August 2007 - DansGuardian 2.9.9.0 - beta
- Fix settings validation to allow maxcontentfiltersize to be set to 0.
- Tidy up option data types (hexdecodecontent, forcequicksearch and
usecustombannedimage are now "on"/"off" instead of 1/0).
- Tweak exception logging (logexceptionhits now has 3 supported values).
- Improved pre-emptive blocking for HTTPS requests.
- Altered blanket block implementation to also allow blanket exception &
grey domain/URL list matching (eg you can have allow everything).
- Added exceptionfileurllist in addition to exceptionfilesitelist.
- Added outgoing HTTP header blocking & modification.
- Added optional domain and URL lists for categorisation without blocking.
- Enabled TCP_NODELAY on all TCP sockets to work around a
performance hit with persistent connections.
- Improved phrase loading code to allow null bytes in phrases. Should
allow for support of phrases in encodings such as UTF-16.
Tue 27th March 2007 - DansGuardian 2.9.8.5 - beta
- Fix behaviour of maxcontent* settings when set to zero ("cascading"
values).
- Don't allow daemon to start with maxcontent* settings all zero.
- Tweak config. validation to better check for allowed values.
- Fix memory corruption/leaks in PICS and ClamAV (not ClamD) code.
- Protect against more types of IP obfuscation.
- Minor cleanups in string class.
- Add contributed Japanese messages & template.html.
- Add contributed YaST-specific info to supplied init script.
- Compatible with ClamAV 0.90.
- Fix pre-emptive blocking for unrecognised users when the auth
plugin(s) in use don't rely on the parent proxy (ident, ip).
- Fixed suggested file paths for using squidGuard/URLBlacklist list sets.
DansGuardian 2.9.8.3 and 2.9.8.4 - beta
- Never fully released
Mon 22nd January 2007 - DansGuardian 2.9.8.2 - beta
- "managedmimetypelist" and "managedextensionlist" made into an
either/or match, instead of both.
- Handle single dots on the end of domain names (e.g.
"http://www.cnn.com./").
- Typo fixes to a few error messages and config files.
- Allow WebDAV/OWA to work.
- Fix a bug in the phrase filtering that was introduced along with the
enhanced character encoding support.
- Add a little more info to error messages generated by failure to
connect to the URL cache, as some people seem to be having trouble with
it.
Fri 8th December 2006 - DansGuardian 2.9.8.1 - beta
- Pre-emptive blocking re-introduced, but for authed users only (don't
retrieve anything, even headers, from banned sites/URLs; helps defeat
trackers).
- Build option to record a backtrace on segmentation fault
("--enable-segv-backtrace").
- Rudimentary performance testing options (add -D__BENCHMARK to your
CXXFLAGS when compiling to make some extra command-line options
available; content to be tested is read in on standard input).
- Syslog logging support.
- Performance increase for weightedphrasemode 2.
- Reduce some ListContainer code duplication.
- FAQ and plugin documents added, see doc subdirectory.
Mon 25th September 2006 - DansGuardian 2.9.8.0 - beta
- Command-line content scanner.
- "Trickle" download manager.
- New "#noconvert" instruction in phraselists to prevent case conversion
(aid support for exotic character encodings).
- New valid value for "preservecase" to scan pages once with case
preserved, and once without (aid support for exotic character encodings).
- OpenBSD fixes, with thanks to Soner Tari.
Wed 9th August 2006 - DansGuardian 2.9.7.5 - alpha
- Fixes a logic error with persistent authentication, i.e. NTLM
(and ident by IP when not obeying x-forwarded-for headers). POST upload
blocking didn't work because it is skipped for unauthenticated users,
and persistent authentication methods weren't setting the authenticated
flag for every request.
Tue 8th August 2006 - DansGuardian 2.9.7.4 - alpha
- Updated Dutch translations.
- Tweaks which may or may not fix cpu load issues.
- Added a work around for IE bug randomly dropping file extensions
of files that are scanned.
Thu 3rd August 2006 - DansGuardian 2.9.7.3 - alpha
- Complete URL unescaping during deep URL analysis.
- Fixed more minor memory leaks.
- Stricter adherence to target throughput in FDTunnel.
- "Graceful" socket closing.
- Fixed (some?) IE POST problems (hopefully) which were introduced since
persistant connection support.
Fri 28th July 2006 - DansGuardian 2.9.7.2 - alpha
- Handle more simultaneous phraselist character encodings (help
alleviate the infamous "more than 60 links from this node" error).
- Fixed POST upload problems with NTLM.
- Nicer error messages when phrase tree cannot be built (human-readable
version of "more than 60 links from this node").
- Correctly parse ICAP URLs without explicit port numbers.
Thu 8th June 2006 - DansGuardian 2.9.7.1 - alpha
- Don't phrase filter non-text content when AV is enabled.
- Free up unused memory after loading phrase lists.
- Corrections to persistent connection detection.
- Moved looking up of client hostnames for logging back into
ConnectionHandler, to remove potential bottleneck introduced in last
version.
- Don't convert regular expressions to lowercase when reading in from
list files! (Big difference in meaning between e.g. \W and \w).
- Fixed memory leak in ipToHostname.
Mon 8th May 2006 - DansGuardian 2.9.7.0 - alpha
- Added -SERVERIP- placeholder in fancy DM template.
- icapscan compatibility greatly enhanced (known working with servers from
Symantec, Dr. Web, Trend Micro, AVIRA and Kaspersky ICAP {unreleased}).
- ListContainer and HTTPHeader performance enhancements.
- "pathprefix" option in clamdscan & kavdscan, for compatibility with
daemons inside chroot jails.
- Auth by IP plugin correctly ignores blank lines in the ipgroups file.
- "reportinglevel = -1" is now allowed in filter group config files.
- Time-limited regular expression lists (not fully hierarchic, just checks
top-level file and file containing the current expression).
- Don't log garbage when logclienthostnames is enabled and a client IP has
no DNS record.
- Read in maxcontentfilecachescansize option correctly.
- Delete temp files after sending when a partially downloaded file becomes
too big to scan (default DM).
- Safe handling of files larger than maxcontentfilecachescansize in the
fancy DM (new "maxdownloadsize" option in fancy.conf).
- Email notification of blocked pages/viruses (--enable-email compile
option, various new configuration options; patch by J. Gauthier).
- Direct tunnelling of traffic from exception sites (that are excepted
from both filtering and virus scanning).
- Various other bugfixes & build tweaks.
- Includes the latest updated phrase lists.
Mon 3rd April 2006 - DansGuardian 2.9.6.2 - alpha
- NTLM username strings are correctly terminated after conversion from
UTF-16LE.
- Spelling mistake fixed in ukenglish template.html.
- Fixed "-c" option (Jason Gauthier).
- Slightly tweaked handling of exception CONNECT (HTTPS) requests -
should help those with IE & SSL problems.
- Tweaked detection of persistent connections (HTTP 1.1 requests are
assumed persistent unless marked otherwise, as per standards).
- Buffered network input in BaseSocket::getLine (fewer system calls
during HTTP header retrieval).
- Optional logging of child process handling operations
(logchildprocesshandling).
- Conditional installation of contentscanners, lists/contentscanners and
lists/downloadmanagers directories.
- Fancy DM has managedextensionlist enabled by default, not
managedmimetypelist.
Fri 3rd March 2006 - DansGuardian 2.9.6.1 - alpha
- Improvements/fixes to filter group range checking (auth by IP plugin
usable again - sorry!).
- URL cache sorting & searching fixed.
- Workaround for clients that send lowercase "host:" headers.
- Workaround for certain types of Squid-unfriendly request (allows more
clients to work with DG+Squid used as a transparent proxy).
- Updated Turkish language files (Ozgur Karatas).
- Confusing "--with-libiconv=yes" configure option removed; iconv check
now looks for library in standard search path automatically if a
platform-native iconv function is not found.
- Iconv library check looks for both "iconv" and "libiconv" functions -
should help OS X 10.3 users.
- Time limits are applied hierarchically to included list files, as has
been the intention for a while now (obviously the feature is not widely
used :P).
- Case-insensitive handling of HTTP headers (Nerijus Baliunas).
Mon 20th February 2006 - DansGuardian 2.9.6.0 - alpha
- "ident" auth plugin supports usexforwardedfor when determining client
IPs.
- Range checking on filtergroup returned from auth plugins (pointed out
by Götz Babin-Ebell).
- Auth by IP plugin ignores entries in ipgroups which specify an
out-of-range filtergroup, and prints warning messages when it encounters
them.
- Fixed "SafeNetalcoholtobacco" typo in PICS settings file.
- Changed handling of POST uploads; large files should no longer cause
timeouts.
- There are now default managed extension/MIME type lists under.
"/etc/e2guardian/lists/downloadmanagers", and the latter is enabled by
default in the fancy download manager's config file.Götz Babin-Ebell.
- Optional blanket download blocking, with new exception MIME and
extension lists for overriding the block (existing banned MIME &
extension lists not used in this mode - everything not excepted is
banned).
- New "exceptionfilesites" list, for defining domains which are not
subject to filtering by MIME type or extension, i.e. trusted download
sites.
- Log format changes: IP and hostname are both logged (instead of using
one field for either); group name & number are now separate fields.
- Connections are correctly closed after being sent a download link from
the fancy download manager.
Thu 2nd February 2006 - DansGuardian 2.9.5.0 - alpha
- Auth by IP plugin works without PCRE.
- When using auth by IP, credentials are cached for the lifetime of a
persistent connection, instead of querying the plugin for every request
(unless usexforwarded for is enabled).
- Added blanket SSL block (**s) and blanket SSL IP block (*ips).
- All usernames show up as lowercase in the logs.
- Auth plugins get reloaded on -g (allows changes to IP plugin's.
ipgroups file to take effect as well as changes to the filtergroupslist).
- Added allow per-group override of reportinglevel (hence per-group choice
between HTML template & external access denied address).
- Fixed a few memory leaks & some minor memory corruption.
Wed 25th January 2006 - DansGuardian 2.9.4.0 - alpha
- NTLM and proxy auth plugins renamed to "proxy-ntlm" and "proxy-basic"
- Fixed child process failure after -g
- Changed clamav's memory scanning method (uses more reliable parts of
Clam API; both clamav and clamdscan should now detect the same viruses)
- Unfortunately the new method does involve saving to file first;
however, you can use POSIX shared memory on supported platforms, or
specify a ramfs/tmpfs location, with a fallback to using the standard
filecachedir.
- Also, the temp directory used internally by libclamav can be configured.
- zlib can optionally be statically linked
- Improved handling of HEAD requests and HTTP redirects
- Improved error logging in clamav & clamdscan
- clamdscan now issues "SCAN" command instead of "CONTSCAN" (stops
scanning after the first error/virus is found)
- kavdscan can handle archive files containing multiple viruses (patch
submitted by littlecahya)
- More verbose output in debug mode
- Improved default & fancy download managers handling of files larger
than maxcontentfiltersize (or maxcontentfilecachescansize)
- Filter groups can be named
- Only load filter group 1's settings if no auth plugins are loaded
- Changed -FILTERGROUP- placeholder to return group name
- Added -RAWFILTERGROUP- placeholder for retrieving group number
- Added -SERVERIP- placeholder; returns the IP on which the filter is
running (returns correct address if using multiple filterip options;
returns 0.0.0.0 if filterip is blank)
- URL cache now stores the group(s) for which a URL is clean, in
addition to URLs themselves (cannot access a page with a score beyond
your naughtiness limit if someone in a group with higher limit/different
phrases has previously accessed it)
- Fixed child process crashes when using maxips option, and add logging of
IP usage statistics (new statlocation option)
Wed 21st December 2005 - DansGuardian 2.9.3.2 - alpha
- Adds logging of upstream proxy return code & user's filter group number
- Fixes/improvements to configure script (FreeBSD users: try
'--with-libiconv=/usr/local')
Fri 16th December 2005 - DansGuardian 2.9.3.1 - alpha
- Fixed x-forwarded-for support in Auth by IP plugin.
- NTLM plugin now compiles on FreeBSD.
- Can now log in using NTLM when browsing HTTPS sites.
- Fixed mis-authentication with downstream proxies.
- Fixed log all usernames, even those not in the filtergroupslist.
- NTLM plugin handles UTF-16 usernames.
- Improved child process responsiveness when using tunnels.
Tue 6th December 2005 - DansGuardian 2.9.3.0 - alpha and approaching feature complete
- Added NTLM Auth support.
- IP Auth plugin now supports X-Forwarded-For headers.
- Added Persistent connection support to allow pass through of a number of
protocols like NTLM and others that break without persistent connections. It also should
improve performance.
- Added better support for filter/infection bypass mode "-1" setting.
- Added configurable category list thresholding where you can configure it to only
show the top phrase categories matched.
- Performance enhancements to phrase filtering.
- Added infection bypass mode (with optionally only allow on scan error).
- Multiple auth plugins now allowed.
- Embedded URL (links, images) extraction & weighting to allow sites with lots
of links to banned domains to be more likely to be denied.
- Now marks content & URL modifications in the logs.
- Added Hungarian & Portuguese Brazilian language files.
- Fixed URL regular expression search & replace.
- Fixed hexdecodecontent handling of a page's last few bytes.
- Fix for empty pages with gzip & zlib encoding.
- Fixed content-length header for pages with content modifications.
Tue 8th November 2005 - DansGuardian 2.9.2.0 - alpha and feature incomplete
- Filter groups now define a "filtering mode": banneduserlist and
exceptionuserlist support have been removed, and replaced with the
concept of a user being a member of a group which is in banned/filtered/unfiltered
mode.
- Added plugin-based authentication system - proxy and identd auth methods are
now provided as plugins.
- Added auth by IP plugin - maps individual IPs, IP ranges & subnets to filter
groups.
- Download managers support optional extension/mimetype inclusion lists,
for additional limiting of which requests get handled by a given manager.
- Fancy download manager supports HTML templates.
- Added client hostname display for banned pages (new placeholder available
for HTML templates; new parameter for CGI).
- Page weights are now explicitly logged against all filtered requests
(not just as part of the "reason" string on weighted phrase banned
requests).
- Now includes a lot of example content and URL regexps.
- Now includes latest phrase lists.
- Fixed PICS enable/disable option fixed (PICS now disabled by default).
- Fixed filter bypass links cannot bypass the blocking of files virus scanned
and found to be infected: you can now only download known infected files
by being a member of an exception filter group (if contentscanexceptions
is disabled), or by being in a group with disablecontentscan set.
- Fixed improved extension detection for downloads from CGI scripts - fewer
downloads can now slip through the net.
- Fixed exceptionvirusmimetypelist support (i.e. it now works).
- Fixed improved behaviour of logclienthostnames option.
- Fixed configure script checks that the installed PCRE version is recent
enough, if building with PCRE support.
Mon 24th October 2005 - DansGuardian 2.9.1.0 - alpha and feature incomplete
- Added Deep URL scanning to spot URLs in URLs to for example block images in google images.
- Added Advanced advert blocking, including an option not to log advert blocks (DG now
includes advert domain/URL lists from squidGuard, with added categorisation, to
demonstrate this feature).
- Added Korean PICS support.
- Added new phrase filtering mode: looks only at contents of title & meta tags.
- Added case insensitive detection of headers retrieved from webservers which
don't obey standards.
- PCRE support is now optional at configure time (--with-pcre; disabled by
default).
- e2guardian.org removed from exceptionsitelist, and a rule added to
bannedregexpurllist, to prevent accidental access to the DG sample virus repository.
- Firefox DoS fix in contentregexplist (commented out by default to conserve CPU).
- Fixed Grey URL list checking scans greyurllist, not bannedurllist.
- Fixed support for matching multiple URLs which differ only by a suffix.
- Fixed ClamD/KavD so they now run as both the same user & group as DG and
successfully access temp files.
Wed 19th October 2005 - DansGuardian 2.9.0.1 - alpha and feature incomplete
- Designed from scratch easily pluginable download management system which works with the...
- Designed from scratch content scanner system with a simple plugin system which makes it easy to write new content scanners such as the included AV. It can also chain multiple scanners so you could use more than one AV engine for example. Other nice things include in-memory scanning if the plugin supports it saving writing to disk.
- Download manager is compatible with WGET and software updates and will switch to a fancier version with percent graph when used with a browser.
- Download manager is secure as each download is keyed to the original downloader.
- No dependance on libtool or pkg-config unlike the original 2.9 AV version.
- Added time/day controls support for lists.
- Added category support so when it says banned site it says what category.
- General speed and code improvements.
- New code style guide produced.
- Code is now in the new style.
- Ported to automake and autoconf for a more standard and logical code maintanence.
- Developer documentation is now provided online to describe the code better.
- Regular expression content replacement is improved so back references work so browser vulnerabilites can usually be automagically removed.
- Added URL regular expression replacement so you can force safe search in google or redirect people to a different site.
- Long log lines are now inteligently truncated.
- Port < 1024 can be used and group and user set IDs are properly used and similar clean ups.
- Multiple command line options are now possible.
- The compile time options are displayed with a -v.
- Anonimised logs option for countries with strict privacy laws like Germany.
- Added a -Q option which allows a restart and a full config change for example.
- Added regular expression exception URLs.
- Added the ability to listen on N IPs rather than 1 or all.
- The latest phrase lists from Fernand (phrase maintainer).
Sun 14th August 2005 - DansGuardian 2.8.0.6
- More phrase and other list mods.
- Increased IPC buffers to solve problems with long log lines and URLs.
Tue 9th August 2005 - DansGuardian 2.8.0.5
- Fixed not being able to regexp content replace with a blank.
- Fixed long standing bug with processed list files which now makes startup several times faster
if you are using multiple filter groups.
- Added a nocache directive to the HTML template display header.
- Added Slovak language files.
- Removed german2 language files.
- Added option so bypass hash could be enabled but no valid hash presented so external auth
mechanisms can be used with the bypass feature.
- Removed deleting of log ipc file on -r restart.
- Added lots of phraselists thanks to Fernand Jonker.
- Added fix so it should compile on Fedore Core 4 and other GCC4 distros.
- Corrected TEMPLATE spelling error.
- Filter groups now limited to 99 not 9.
- Updated proxy testing error message.
Sun 20th February 2005 - DansGuardian 2.8.0.4
- Corrections to Brazillian messages in Portuguese.
- Updates to Lithuanian messages.
- Updates to INSTALL file to stop confusing debian users.
- Fixed libz problem in Makefile for OSX.
- Fixed long standing bug where when it sigtermed with a -q it killed itself rather than exiting gracefully.
- Fix to long standing bug in HTTP header handling causing possible problems with non-browser
HTTP clients.
- Minor improvement to HTTP header sending.
- Updated HTTP header to handle RFC compliant but abnormal requests.
- Fixed long standing bug where a -r restart would not cause the users groups file to be re-read correctly so users who were changed group would not always be detected. This bug could also cause users to appear to be in the wrong group sometimes.
Fri 10th September 2004 - DansGuardian 2.8.0.3
- Corrected log configuration logic for running with a seperate log daemon.
- Corrected hard-coded /usr/lib which causes problems on 64-bit systems.
- Corrected mistake introduced by a 3rd party submitted patch which caused the entire set of
config files to be loaded and processed even on a soft restart.
- Corrected potential unsafe permissions on the log dir.
- Updated Big5 language file.
Thu 29th July 2004 - DansGuardian 2.8.0.2
- Corrected missing new line in French messages file.
- Added include in String.cpp for Debian/FreeBSD compile problems.
- Removed eronous openssl part in configure script.
- More INSTALL file improvements.
- Added some more domains to default exception lists.
Wed 28th July 2004 - DansGuardian 2.8.0.1
- Corrected INSTALL file.
- Corrected some language files.
- Corrected a locale issue.
- Corrected issue where banned extensions could be bypassed by hex encoding the file name.
- Fix to start script to make it more debian compatible.
- Moved to new numbering scheme and lower case source name as requested by package builders.
Wed 21st July 2004 - DansGuardian 2.8.0
- Included zlib static building info in INSTALL file.
Fri 16th July 2004 (pm) - DansGuardian 2.7.7-11
- Made parameter checking more durable and less messy.
Fri 16th July 2004 (4am) - DansGuardian 2.7.7-10
- Fixed a typo in the FreeBSD Makefile.
- Added new googlesearches phrase file.
- Fixed a terrible DoS bug in the file download buffering so that large binary files with no length header but are marked as text no longer eat up all the RAM.
- gzip or zlib compressed pages are now no longer sent to the client uncompressed if they are
not modified with content replacement. This is extra good if the clients are remote to the
filter as it will save bandwidth. This was a pleasant side effect of fixing the DoS bug.
- Updated to use zlib 1.2.1 for gzip in-memory decompression but will fail gracefully if an
older version is installed. This change was *required* to fix the DoS bug.
- Slightly improved socket handling so it's a tiny bit quicker and takes up less file descriptors. This was a result of the DoS bug fixing.
Mon 14th June 2004 - DansGuardian 2.7.7-9
- Improved sysv file for Linux.
- Fixed some compile issues on FreeBSD with needing more #includes.
- Incorporated FreeBSD Makefile changes at request of port maintainer.
- Fixed checking for auth required so it only matches "407 Proxy Authentication Required".
- Disabled log entries for "407 Proxy Authentication Required" to prevent log poisoning (user X attempting to access a bad URL posing as user Y).
- Fixed issue with very small list files being ignored.
- Fixed crash on empty phraselists.
- Reinstated case sensitivity in conf files.
- Improved socket exception error messages.
- Fixed "user@site" URLs not being filtered properly.
Wed 28th April 2004 - DansGuardian 2.7.7-8
- Fixed grey lists not overriding regexpurl lists.
- Added frenchpornography phrases.
Wed 21st April 2004 - DansGuardian 2.7.7-7
- Fixed compile issue on FreeBSD.
- Fixed ".Include" files not working for bannedregexpurllist.
Wed 14th April 2004 - DansGuardian 2.7.7-6
- Fixed content filter bypass which with a specially crafted request could force an unclean page
into the clean page cache.
- Fixed a memory allocation error in the list files which lead to 1 byte of memory potentially
being overwritten.
- Corrected German messages file.
- Fixed mistake in the hash parameter sent to the access denied perl script.
Fri 26th March 2004 - DansGuardian 2.7.7-5
- Increased some timeouts to more reasonable values.
- Client IP now passed to deny script.
- Added feature where when a user is not found the IP is checked for in the filter group list.
- Added workaround for OS X bypass feature problem.
- Slightly improved content replacement so it can handle " characters.
- Included updated lists for use with urlblacklist.com.
- Added danish language.
Wed 25th February 2004 - DansGuardian 2.7.7-4
- Gentle restart now flushes the clean URL cache so changes don't appear to not work.
- Fixed bug where non-text URLs were getting added to the URL cache.
- Changed cookie bypass to use the same time code as the URL bypass so that users are not able
to effectively double the time period.
- Fixed mistake in bypass logic which stopped exeptions from working.
- Changed configure to try to detect the correct path to endian.h.
- Dissabled bypass when post block.
- Added check for ..\
Thu 19th February 2004 - DansGuardian 2.7.7-3
- Fixed problem with Darwin using non-standard accept()
Wed 18th February 2004 - DansGuardian 2.7.7-2
- Added check for /../ in URLs to stop users bypassing part of the filtering.
Wed 4th February 2004 - DansGuardian 2.7.7-1
- Fixed minor problem with IE and denied page.
Tue 3rd February 2004 - DansGuardian 2.7.7
- Added a temporal denied page bypass facility.
Sat 3rd January 2004 - DansGuardian 2.7.6-7
- Improved detection of when a sub list file has changed for gentle restart.
Wed 24th December 2003 - DansGuardian 2.7.6-6
- Made header request line tolerant to multiple spaces.
- Fixed preemptive banning not deactivating unless proxy auth was also enabled.
- Fixed broken bannedphraselist file included by default.
- Fixed segfault on missing config file.
- Removed arbitary limit on filter groups. Now 99.
- Fixed SSL site banning when preemptive banning is switched off.
Sun 14th December 2003 - DansGuardian 2.7.6-5
- Fixed a segfault when using gentle restart in some situations.
Thu 11th December 2003 - DansGuardian 2.7.6-4
- Fixed segfault with -N option.
- Fixed typo in bannedurllist.
- Fixed cross site scripting vuln in e2guardian.pl.
- Fixed error in Solaris Makefile.
- Fixed '//' detection yet again to use a further different approach due to broken sites.
Thu 4th December 2003 pm - DansGuardian 2.7.6-3
- Fixed a URL filtering bypass which worked by appending a period '.' after the domain.
Thu 4th December 2003 am - DansGuardian 2.7.6-2
- '//' detection fixed to not give so many false positives.
Wed 3rd December 2003 - DansGuardian 2.7.6-1
- Fixed some compile problems with a missing cerrno.
- ICRAviolenceobjects was missing and is now added.
- Exception phrases now take presidence when there is a dup.
- URL matching has been improved to support non-path elements better.
- '//' in URL paths properly checked for now.
- Tidied some code structure.
- Fixed inability to listen on privelaged ports.
- Fixed gentle restart segfault when a file is changed twice.
- Removed lots of commented out code.
Thu 20th November 2003 - DansGuardian 2.7.6
- Sub list (.Include) support fixed.
- Added processed file support for grey and exception URL and site lists.
- Fixed bug where it would not exit when there was a mistake in the f1 conf file on start up.
- Made non-standard redirector delimiting optional.
- 'e2guardian -s' now works as non-root.
- Generally improved errors with the -s -r -g and -q options.
- Ident now uses X-Forwarded-For when DansGuardian is configured to use it.
- Bug fixed in exceptionurllist using wrong list file.
- './configure --logdir' option being ignored by default fixed.
- OSX compiler warnings solved.
Sun 16th November 2003 - DansGuardian 2.7.5
- Improved URL encoding for e2guardian.pl.
- Added greysitelist and greyurllist to allow sites past the URL filtering but to still have the
content filtering applied.
- Added chineasegb2312.
- Minor code changes.
- Fixed underscores in hostnames giving malformed URL.
- Fixed an image replacement bug.
- Startup speed improved by using seperate lists per each included file.
- Fixed '-r' restart problems not killing processes.
- Fixed race condition causing problems when restarting.
- Added a '-g' gentle restart that does not kill current connections but filter group config is
re-read.
- Added filter group support so different filtering settings can be used for different groups of
users.
- Added inteligent list managing so that if different filter groups use the same file they will
share one copy of it. It also means it does not need to read in two copies. The list managing
also caches the lists between restarts thus reducing restart speed dramatically.
- Added a German pornography phrase category.
Wed 10th September 2003 - DansGuardian 2.7.3-1
- Added check for '//' in URLs thus stopping the URL filter workaround.
Sun 31st August 2003 - DansGuardian 2.7.3
- HTTP port now stored in logs.
- Exception/banned site lists can now use .tld
- Fixed banned extension not being logged.
- Improved whitelist mode so that domains listed in the bannedsitelist are actually allowed,
however they have the normal filtering applied.
- URL matching fixed so that /blah no longer matches /blahfoo
- Fixed broken image replacement due to debug code left in.
- Included an upgrading guide.
Wed 30th July 2003 - DansGuardian 2.7.2
- AD image replacing improved with mime checking as well as extension checking.
- Added option to dissable pre-emptive banning which provides many benifits such as not needing
to access a clean site first before your unfiltered user is recognised.
- Fixed bug where a missing '/' in the .conf caused everything to be not filtered.
- Added options to specify log, pid, and uds so that multiple instances can be run
simulaneously. Previously this was only possible with code editing an recompiling.
- Added support for HP/UX.
- Added support for fully qualified addresses in banned and exception ip lists.
- Fixed a memory leak.
- Added option to disable forking into the background.
- Added option to disable logging process.
- Added option to specify the user that it runs as to override the compile default.
- Added option to do a 'safe' restart where the process leader does not send a kill to every
other process. This makes it possible to run as su safer.
- Added mxspanish language files.
Sat 12th July 2003 - DansGuardian 2.7.1-4
- Fixed typos in several autoconf files.
- Removed redundant fcntl calls which caused problems in FBSD.
Mon 7th July 2003 - DansGuardian 2.7.1-3
- Fixed 2 file descriptor leaks in the logging and url cache code.
Sun 6th July 2003 - DansGuardian 2.7.1-2
- Fixed bugs with URL cache.
- Fixed the exiting on HUP.
- Included new Bulgarian language files.
- Fixed typo in linux.in file.
Fri 13th June 2003 - DansGuardian 2.7.1-1
- Fixed Ident.
Mon 12th May 2003 - DansGuardian 2.7.1
- Added image replacement code based on ideas from Aecio F. Neto which guesses if a banned
file is an image and if so replaces it with a configurable replacement such as a 1x1 gif.
- Much improved the IF structure in the ConnectionHandler.cpp to make it slightly faster and a
LOT more organised. Based on ideas from Aecio F. Neto again.
- Fixed bug in Makefile where contentregexplist would get deleted by mistake.
Sun 20th April 2003 - DansGuardian 2.7.0-1
- Removed some debug code left in by mistake.
Fri 18th April 2003 - DansGuardian 2.7.0
- Added option to do raw, smart or both phrase filtering thus optionally reducing cpu usage by half.
- Added ICRA vk PICS option support.
- Added improved internationalisation language file support.
- Removed bodge for UDS truncated file and replaced with a proper fix.
- Added WebDAV support (for Outlook Express access to Hotmail).
- Added forkpooling to on average half cpu usage and improve scaleability. (big feature)
- Descriptors 0-2 are now dup2ed to /dev/null to prevent some shell hanging.
- Added improved granulinarity to the content filtering limit.
- Added option to switch off DFA searching so full 16-bit char support is regained.
- Added more 16-bit char support.
- Added support for lower-casing accented characters.
- Added support for unescaping HTML content.
Wed 14th April 2004 - DansGuardian 2.6.1-13
- Fixed content filter bypass which with a specially crafted request could force an unclean page
into the clean page cache.
- Fixed a memory allocation error in the list files which lead to 1 byte of memory potentially
being overwritten.
Wed 25th February 2004 - DansGuardian 2.6.1-12
- Added check for ..\ and ../ in URLs
Wed 24th December 2003 - DansGuardian 2.6.1-11
- Made header request line tolerant to multiple spaces.
- Fixed broken bannedphraselist file included by default.
Thu 11th December 2003 - DansGuardian 2.6.1-10
- Fixed cross site scripting vuln in e2guardian.pl.
- Fixed '//' detection yet again to use a further different approach due to broken sites.
Thu 4th December 2003 pm - DansGuardian 2.6.1-9
- Fixed a URL filtering bypass which worked by appending a period '.' after the domain.
Thu 4th December 2003 am - DansGuardian 2.6.1-8
- '//' detection fixed to not give so many false positives.
Wed 3rd December 2003 - DansGuardian 2.6.1-7
- ICRAviolenceobjects was missing and is now added.
- '//' in URL paths properly checked for now.
Thu 20th November 2003 2003 - DansGuardian 2.6.1-6
- Fixed malformed URL error with a '_' in the hostname.
Wed 10th September 2003 - DansGuardian 2.6.1-5
- Added check for '//' in URLs thus stopping the URL filter workaround.
Sun 31st August 2003 - DansGuardian 2.6.1-4
- Typo in OBSD Makefile to do with 'install' program fixed.
- Fixed banned extension not being logged.
Mon 7th July 2003 - DansGuardian 2.6.1-3
- Fixed 2 file descriptor leaks in the logging and url cache code.
Sun 6th July 2003 - DansGuardian 2.6.1-2
- Fixed bugs with URL cache.
- Included new Bulgarian language files.
Fri 13th June 2003 - DansGuardian 2.6.1-1
- Fixed case sensitivity in Ident.
Mon 12th May 2003 - DansGuardian 2.6.1
- Improved file extension list.
- Removed RLIMIT code that seems to cause problems and is not needed anyway.
- Added Italian bad words.
Mon 14th April 2003 - DansGuardian 2.6.0
- Fixed URL cache bug that caused it to stop caching when not enough different URLs are used.
- Fixed dlopen false requirement in configure.
- Increased logrotate.d sleep to cope with slower machines better.
- Fixed bug where log ipc socket not closed on error which could cause fd resource problems.
- Fixed bug in sysv script so stdin is redirected to /dev/null to prevent some shell hanging.
- Fixed bug where when a list file had been modifed but not the main refering file, the processed file would not get recreated and a file descriptor left hanging.
- Fixed bug where rlim_cur was set too low causing forking problems in high loads.
- Fixed bug where the url passed to the cgi reporting script was not encoded enough.
- Fixed bug where it can check a PICS rating against the wrong service if more than one service rating is contained in the label.
- Minor HTTP header improvement.
Tue 7th January 2003 - DansGuardian-2.5.3-4
- Added a test to get round a mis-feature of squid where it allows hostnames of the form host.domain..tld which bypassed the URL filtering.
Sun 1st December 2002 - DansGuardian-2.5.3-3
- Double free, compile warnings and configure typo fixed.
Sat 30th November 2002 - DansGuardian-2.5.3
- Fixed a bug with trailing '/' being added on some URLs with Mozilla.
- Added feature where you can limit the file size that text documents are under before they
are content filtered and content replaced. This is most useful for sites that label 640mb iso images as text.
- Added feature where you can now log in the squid log format for use with your favourite
log analysers.
- Added guessing as to gcc version so should compile easier on gcc 3.
- Some typographical errors corrected.
- A fix for when an empty phrase list is used.
Fri 8th November 2002 - DansGuardian-2.5.2
- Added Mac OS X support.
Sat 26th October 2002 - DansGuardian-2.5.1