RELEASE NOTES

Changes to 034

The telnet server and client have been removed and replaced with dropbear, which is a SSH server and client. This SSH server is also capable of both client and server TCP port forwarding. This allows for floppy users to open this server to Internet access and still have security with encryption, along with SSH tunnels to the local network.

Two new options, one to disable root logins with the FTP server and the other to disable root logins with SSH.

The local ban can now also be a local allow. This allows a user to ban there entire local subnet and then allow just the IP addresses that they want to give access to the Internet. This still allows all local users access to FREESCO and any servers running. The banlist.cfg has been replaced with restrict.cfg to clarify the ban/allow changes and in the file format along with some minor changes to the control panel. ALL of the ban/allow commands can be time based rules with the addition of a start and stop time. This time format is based on hours and minutes of the day where the range is from 000 to 2359 and also includes an optional day format, so that rules can be day of the week oriented as well.

A new DHCP server mode. You can now set the DHCP server in "s" server mode. Previously in 033 this was done automatically if there was only one network card installed. Now this mode can be used on multiple interfaces. What this mode does is if FREESCO is NOT your ISP connection, then it can still act as a local DHCP server. Added some new checks in the rc_dhcpd to prevent the server from running on the external interface when it shouldn't.

A new shutdown sound if diagnostic beeps are enabled in the advanced setup. This enables a user without a monitor to know when the machine is completely shut down.

A new read only disk option. This option can move a hard drive install to a ram drive the same as previously available with floppy installs. The only restriction is that the hard drive install including packages is small enough to fit into the ram drive excluding the kernel and ram disk size. This means that the system will run entirely in ram with absolutely no disk activity and it will be impervious to power failures or improper shut downs which cause disk corruption as well as absolutely no disk activity when FREESCO is running.

A new SMTP client that can email logs to a specific recipient rather than deleting them when the size limit is reached, as well as the ability to email the external IP address at each connection time or any time it changes and the ability to email a report.txt. This makes managing a remote system possible as well as easily monitoring it's status.

A new feature to save logs to root's home directory when FREESCO is installed on a hard drive, along with being able to remove logs older than the number of days that you specify with a special command that can be included into a crond job.

A new option in the setup to add additional ports to stealth. With this feature it is possible to completely stealth your router as long as all other security settings are also set in secure mode. Additional firewall rules to stealth server service ports when set in secure mode.

All default configuration files are now hard coded into the ram disk. This means that if a configuration file becomes corrupt or if anyone makes changes that cause the file not to function. All that is required is to delete the file from the /boot/etc directory and reboot the router. The original will be in the /etc/ directory unmodified. This applies to all original files in the /etc directory.

Two new ram disk sizes, 8MB and 16MB ram disks can now be installed. Previously only 2MB and 4MB ram disks would install. The 2MB ram disk has been removed with these two new additions along with only installing one ram disk rather than two. Previously ram disk #1 was almost never used by the system other than for /tmp directory space. This change has also raised the minimum memory requirement to 20MB before a ram disk will install. Also a new option to restrict the maximum ram disk size to just one 4MB ram disk regardless of the system memory detected is available.

Changed the rc_dhcpd to remove dynamic DHCP leases any time a static DHCP lease is added with the same MAC address.

More floppy formats are now supported 1440,1680,1722,1743,1760,1840,1920, 2880

More hard disk partitions are now supported by default hda,hdb,hdc,hdd,sda, sdb,sdc,sdd with partitions from 1 through 7

034 will now mount from any device and file system that is supported by the kernel. A DOS file system is still required for the mv2hd command. But other formats can be used with a custom installation, such as ext2 which can be used with the add on ext2-0.3.4-lewis package which will install on ANY running (Internet connected) 0.3.4 floppy.

Changed the /etc/rc file so that non standard floppy formats will respond the same as a standard 1.44 floppy. Also floppy drives that are not on the first device "fd0". This means that when booted from fd1 or fd0u1680 FREESCO will still respond correctly.

Changed the rc_eth file to ignore incorrect gateway settings when entered statically or through DHCP from a mis configured ISP DHCP server.

Enabled the DHCP client logging in the setup and system.cfg file which had not been enabled in previous versions of the 03x series. Repaired the colors in the setup which has been a bug since FREESCO was first released (All previous versions), so that yellow is really yellow. Added emailing a report.txt directly from setup.

Changed back to the 2.0.39 kernel to resolve the PPP problems in 033. This also means that all packages for the 03x series will run as well as the modules-03x.zip can be used for network drivers and all of the 032 kernels. If anyone is currently using a DX based processor there is a kernel.dx included in the zip file that can be copied to the floppy and the only difference will be that you will have a 20K increase in free disk space. Both new 034 kernels are also PCI optimized so 034 should perform better on PCI based systems.

Changed the password file for the root user to now have a home directory of /home/root, rather than just using / as the home directory. This change was required for the SSH client to retain any public key files as well as improvement for other applications that use root's home directory for specific user settings. This is also the storage location of log files if that option is enabled.

Upgraded dnsmasq to version 1.17 which fixes a significant number of bugs from 1.14, along with increasing the default cache size to 600

Upgraded dhcpd to version 2.0pl6 from b1.18 which fixes a number of old issues along with a security patch.

Upgraded the dhcpcd client daemon to version 1.3.22pl4. Thanks to Dingetje for help with compiling it.

Upgraded pure-ftpd from version 1.0.12 to 1.0.20

Upgraded thttpd from 2.05 to 2.25b.

Added user home web directories which can be enabled and accessed at http://your.router/~UserName. Removed /home directories for RAS (dial in) clients.

Added bandwidth control for the web server. Which means if you want you can restrict the web server so that it can never use more than the amount of bandwidth that you choose in Bytes per second.

Added options to the firewall setup so that all of the helper modules can be selected independently of each other. In all previous versions of FREESCO all of the modules were loaded automatically. But as each module decreases security it is now an option to only load the ones you really need.

Added a firewall rule to prevent external "smurf" attacks as well as external IP spoofing.

Recompiled the pptp binary with better optimization flags to improve it's size.

One minor text color fix to the a: command as well as being able to mount any fd1 or special floppy formats with the addition of the device name after the a: command. Such as in "a: fd1" or "a: fd0u1680"

Changed the cp-rf command so that it can now copy files and directories with spaces in the names.

Changed the rc_dns so that special static DHCP leases will be incorporated into the /etc/hosts file correctly for DNS resolution. There has also been a change so that the DNS server will always resolve the same IP for it's own name. This resolves the problem of separate subnets that are not trusted to always get the correct IP address for the router as well as any dyndns clients that may be installed.

Up to four different ISP DNS servers can be defined either statically or dynamically from the DHCP client or through the PPP client. These can either be used by the local caching DNS server or parsed to the clients with the DHCP server if the caching DNS server is disabled.

Increased the ram0 to 3Mb formated rather than 3Mb unformatted. This increase still allows FREESCO to run on 8MB of ram.

The dynamic DNS client now supports DynDNS, ZoneEdit, and DNS service providers.

Moved the /boot/rc directory into the ram disk. This provides a much faster boot for the floppy as well as providing a HUGE gain in disk space which was required for the above improvements and changes. This change will affect all lprng and Apache users, however it can be worked around, Dingetje has stated he would repackage them both for compatibility with this version and anyone using an older version of these packages can simply copy the /rc/rc_lpd and /rc/rc_httpd to the /pkg/rc directory after the package is installed or before an upgrade to this version is attempted. ANY built in /rc/rc_? file that a user wants to modify, excluding the rc_user file which is still available for editing can be copied to the /pkg/rc/ directory and then modified. All files in /pkg/rc/ will over ride any default rc_? file in the /rc/ directory.

Moved the control panel /boot/wwa directory into the ram disk. This change is primarily for a 20K gain in disk space, but it also increases control panel access times and helps prevent unnecessary disk activity. Also some new functions in the control panel to email a report, netinfo, or the current logs.

Changed the initial boot up parameters so that a mv2hd can be done before any type of configuration has been made and the system will still recognize that it has never been setup and go into the setup mode on the hard drive. This change is/was not required for this version, but for those with less than dependable floppy drives it may be needed. It may may also be useful in future versions where space constraints are possibly to high in some configurations.

Currently 50K free on the floppy.