-- Change Log --

V1.0
Initial test release, trialed on RH7.3 and RH9 machines.

V1.1
Tested on a FedoraCore3 system and installed by somebody other than me. Some bugs found, namely, path to sshd and the change in wording of sshd log messages (Illegal/Invalid).

V1.2 5/6/2005
Added subprocess so sshd could have its own log entry, this avoids confusing LogWatch type programs, so only the sshdfilter output needs a new log parser. This is also the first web release.

V1.3 9/6/2005
(Testing) Added config file and easier support for different logging messages, as so many distros like to use different messages for the same thing.

V1.3.1 11/6/2005
Fixed configuration file bug that skipped maxblocktime. Added logwatch support (needs a fairly recent version of LogWatch). Renamed directories and tar.gz to contain a version number.

V1.3.2 15/6/2005 Added a version number to the startup message. A missing config file is now non-fatal.

V1.3.3 18/6/2005
1. Better shutdown. sshdfilter now properly quits even when sshd has children. Acts on the 'sshd received...' message.
2. Block time reduced to 3 days, might go lower still.
3. LogWatch scripts syncronised to this version.
4. Number of attempts($maxchances) is now (interally anyway) a distribution specific parameter.
5. Modified INSTALL and some comments.
6. SSHD chain rules are now flushed at startup, might as well as nothing else will.
7. Gave the debug messages a consistent format.

V1.3.4 17/7/2005
1. Install script has been written, needs more testing but could work for you.
2. Check for SSHD redirect broke when the redirect was after the SSHD chain.
3. Changed wording of config file to better explain repurgetime.
4. Changed warning text of iptables checker, warns that sshdfilter prob won't work.
5. Fixed a DoS and remote root exploit caused by bad assumptions during log parsing, namely assuming user names couldn't contain a space. Thanks to Aaron Hopkins for pointing this out. Upgrading from all versions is recommended.

20/8/2005
1. Settled on a license, now GPL.

V1.3.5 24/9/2005
1. Support IPv6 addresses. Needed for some recent distributions, such as Debian 3.1 Sarge.

V1.4.0 20/10/2005
1. Support for Suse 10.0 RC 1
2. Support for CentOS
3. Red Hat Enterprise Linux ES release 4
4. Daemonise, like sshd does. Now better replaces sshd in the startup scripts.
5. select() now used to read sshd output, making repurgetime much more responsive when a small value is given.
6. Email someone on block events.
7. More support for IP6 and conversion to IP4.

V1.4.1 9/11/2005
1. Fix bug/typo in IPv6 to IPv4 conversion. Conversion was never done.

29/11/2005
1. Changed website to say more about choosing an sshdfilter executable for the target system.

V1.4.2 10/12/2005
1. Support for RedHat Fedora Core 2.
2. Support for RedHat Fedora Core 4 (was already supported, but nothing actually said so).

V1.4.3 10/2/2006
1. $interface has been replaced by $iptablesoptions, making it easier to specify the port, and any other options you might want to specify, such as -j REJECT.
2. Spawn another process when sending email, so a hanging email command won't delay sshdfilter.
3. Check for result code from system() calls when adding block rules.
4. The SSHD chain name is now a config option, so multiple instances of sshdfilter can have their own chains.
5. Support for multiple confirugation files has been added.
5. Support Gentoo, which has been reported to work with the Suse patterns.
6. Support Debian sid, based around Debian 3.1 sarge.
7. Improve LogWatch installer for Fedora Core 4, base dir now /etc/logwatch.
8. Improve LogWatch script compatibility with other versions of LogWatch.
9. Written man pages for sshdfilter and sshdfilterrc.

V1.4.3.1 20/2/2006
1. Fixed typo in error logger.

V1.4.3.2 22/2/2006 (thanks to andre sebastian liebe, master-andre at gmx de)
1. Table name SSHD was still hardcoded in the iptables setup check.
2. Removed 2>/dev/null from same check, could help inform user of problems with the iptables command. 


2/2006  1.4.3.2-dropbear
1. Support for DropBear. Thanks to Chersi Vladimir Nicola.

3/2006  1.4.4
1. Support for CentOS v4.x. Thanks to Tim Chapman.
2. Support for Slackware. Thanks to Christopher R. Curzio.
3. Fixed bug in config loader, SSHDFILTERRC was ignored.
4. Support for Debian sid. Thanks to Torbjørn Tyrida.
5. Fixed man page installation in install.pl. Thanks to Søren Kroe.
6. Fixed typos in docs. 

