Version 3.1, published 2011-05-18
This release mainly switches from using Kaskersky to using Avira as the
underlying anti-virus engine for HTTP, SMTP, and FTP scanning. Additional
changes are:
- The /var/tmp directory can now optionally reside on the harddisk (if used)
instead of being mounted as tmpfs. This is required when using the Avira
engine, as it consumes more space in /tmp (but less system memory compared
to Kaspersky).
- Bugfixes in the connection-manager to better re-start IPsec connections in
some corner cases.
- Optimized execution time of main firewall script by removing general loops
for chain creation and letting the web interface only create those chains
required for the specific rule set.
- Recompiled strongswan (IPsec IKEv1 and IKEv2 daemon) to support NAT-
traversal for transport mode connections to support VPNs from iPhone and
Android mobile devices.
- Enabled fail2ban brute-force password cracking protection for the web
interface.
- Updated jetty JARs to version 4.2.27 to fix CVE-2004-2381 (to prevent
potential denial-of-service).