Linuxconf 1.9r15 (Test release)
- Rules presentation
The firewalling rules presented by Linuxconf was all but readable.
Those rules were presented in the preview prior to activating the changes. The
new format is much more readable.
- Rules ordering
Some modification were made for the sorting of the firewalling rules.
Linuxconf compute the proper order for inclusion of the rules in the
kernel. This order is now based on:
- Netmask priority. The netmask with the larger amount of ones is first (A
rules related to a host or specific network goes before a rule for a larger network).
- Interface priority. A rules targeting packet originating from a specific
interface will have priority over a rules using the interface "Any".
- Masquerading rules: Those rules go after non masquerading rules.
- Special masquerading modules
To achieve masquerading for some protocol (ftp, real audio, irc, ...) a
special kernel module must be loaded. These modules can't be loaded on demand.
The "firewalling defaults" now contain a check box for each of those
module. You just pick the one you need and Linuxconf will make sure
that they are loaded.
- Complex routing
The complex user routing mechanism is more flexible. Few people wanted to be
able to redirect a complete email domain to a single email account. This was
possible to do it before for those who had some understanding of sendmail. I
have made some change to make this more obvious. Now you can enter an email
address without user like "@one_domain.com" and redirect that to "one_user@another_domain.com"
Linuxconf use to generate a masquerading request (the DM macro of
sendmail.cf) even if the "present your system as" field was empty.
It was not useful at all. Now if the field is empty, there is no DM definition.
- Masquerading rules
A new feature in the sendmail configurator. This allows you to enter some
filtering rules which may masquerade the sender. This feature will be
generally used on a mail gateway where one want to hide one internal domain
and pretend that outgoing messages originate from another domain.
Different variations are possible. You can translate from:
- one domain to another.
- One user of a domain to another user of another domain.
- Any user of a domain to one user of another domain (weird).
- mailconf utility
Any user could enter this utility without any privilege or without providing
any password. While they could not change anything or see anything which is
important, this was annoying. You need the Linuxconf access privilege or the
"superuser equivalence" privilege or you must know the root password
to get in.
- Installation script
The installation script announces that both RedHat 4.0 and 4.1 are supported.
The work continues on the GUI. Still not operational, but getting better.
- User task management (Cron)
2 variations of the cron package are available for linux and the crontab
command differ slightly between the two. Linuxconf has been modified to
use an argument list compatible with both.
Ipx Internal network was not properly managed. The path of the utility
ipx_internal_net was not correctly entered in Linuxconf (The default
value at least).
- On demand dialing (diald)
Linuxconf was not generating the proper configuration for Diald
when using PAP.
Symbolic links in /etc/skel were not copied correctly. The content of the file
pointed too was copied instead.
- New privilege
A new privilege has been added. It is called "SuperUser
equivalence". Having this privilege allows you to do anything without
being force to provide the root password. This privilege may be either granted
or granted/silent as usual. This new privilege is targeting end user
workstation where one don't want to provide the root password all the time to
manage his workstation.