Download NuFW 2.2.12

The Nufw program is an extensive firewall that can filter every connection based on the rights of the user and the operating system used. The program uses an ldap server to check permissions, while Netfilter is used to apply the set filtering technique. For more information about Nufw, we refer you to this page. The developers have released version 2.2.12 with the following announcement:

Version 2.2.12:

NuFW 2.2.12 is available. This is mainly maintenance release. The only new feature is the capability to add a flag on ACL to tell nuauth not to log the packet accepted or dropped by this ACL. The full changelog is as follows:

• nuauth: allow syntax “[ipv6]:port” for options nuauth_client_listen_addr and nuauth_nufw_listen_addr
• libnuclient and nutcpc compilation fix for FreeBSD 7.0RC1
• FreeBSD: fix some endian problem
• nuauth: add a flag to be able to disable log on a per-rule basis
• nuauth: don’t whine if the CA is not configured
• nuauth: optimize certificate revocation list refresh
• nuauth: fix nufw reference counter
• ldap: Reconnect to ldap when connection has failed
• nutcpc: Fix problem with ‘nutcpc -k’ which did not manage to kill nutcpc if a previous nutcpc has been kill violently.
• nutcpc: detect probable authentication problem and report them accordingly
• log_nuprelude: finalize module (IDMEF alert format, severity of alert)

Version 2.2.11:

NuFW development team is proud to announce the availability of NuFW 2.2.11. This new release features an impressive work on TLS subsystem which has be done to be able to be completely strict relatively to all cryptographic usage. The full changelog is as follows:

• libnuclient: don’t leave when default cafile is not found
• factorize IPv6 code, especially IPv6 formatting (display IPv4 as IPv4 and not “::ffff:abcd”)
• plaintext: simplify ACL description, most parameters are now optional
• plaintext: fix netmask parser
• libnuclient: fix function to stop check thread for Mac OS X
• fix command line parser: option ‘-p’ was limited to 3 characters
• ldap: fix and document ldaps connection
• nufw: add -S option to do strict checking during TLS negotiation
• nuauth: be nicer with TLS client when it rejects them because certificate is invalid
• nufw: warn when TLS session is closed by nauth
• nuauth: add username when printing connections
• NuFW: fix a file descriptor leak in client and nufw
• NuFW: improve TLS subsystem

Version 2.2.10:

NuFW 2.2.10 is available. This is a maintenance release which fixes some bugs. The full changelog is as follows:

• log_mysql: fix log prefix (avoid double “:” when used with nuface)
• nuauth: fix crash when nufw is misconfigured and sends improper packet
• improved BSD compatibility