-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathChanges
276 lines (214 loc) · 11.2 KB
/
Changes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
{{$NEXT}}
1.024 2025-03-20 17:46:53+01:00 Europe/Berlin
- Migrated several URLs from Perl to golang
- Use attributes ip6, range6 for IPv6 objects
- Created go-test-framework
- Migrated berta.t-tests to golang
- Got rid of "proto" attribute for protocols (now "prt")
- Run go- and Perl-tests on test, build and release
1.023 2025-01-10 16:34:10+01:00 Europe/Berlin
- Introduce a go backend server. Will migrate backend to this
go server step by step.
1.022 2024-08-14 15:55:18+02:00 Europe/Berlin
- Fix bug with has_user and expand_rules handling
introduced in previous commits
1.021 2024-07-17 19:12:29+02:00 Europe/Berlin
- Always return has_user in get_rules and get_services_and_rules.
1.020 2023-02-09 14:05:52+01:00 Europe/Berlin
- Aggregate IP addresses in services overview, too
1.019 2023-01-17 19:51:14+01:00 Europe/Berlin
- Fix: empty User breaks display of selected service
- Fixed search of interface with negotiated address
- user-user rule with other rule is no longer valid
- Accept also prefixlen in IPv4 adresses
1.018 2022-07-06 13:25:37+02:00 Europe/Berlin
- Avoid multiplication of same IP-addresses of any-objects
1.017 2022-06-27 17:43:23+02:00 Europe/Berlin
- Fix sorting of IP ranges.
- Fix sorting of IPs in user details tab.
1.016 2022-06-22 17:14:07+02:00 Europe/Berlin
- Fix bug in own nework resources: sort by IP
- Fix sorting of resources in source and dest of rules. If IPs are displayed,
they get sorted as IPs and if names of objects are displayed, they get
sorted ASCII-betically.
- Change webpage title from Netspoc to Policy-Web
1.015 2021-06-01 15:41:22+02:00 Europe/Berlin
- Moved check for missing old version. Now also send_diff.pl handles missing version correctly.
- Fix bug with IP and mask check (32 bit unsigned int for "&"-Operation)
- Abort if JSON file can't be loaded.
- Call perlcritic, fixed issues from critic
- Fix broken dokuwiki icon link.
1.014 2020-05-13 16:15:08+02:00 Europe/Berlin
- Change size of service list from fixed width of 310 pixels
to 20% of the available viewport space.
- Get rid of owner selection window. If a wrong URL with app.html
is called or a session has expired, the user is now redirected
to the login page instead of ending up in an endless loop of
being prompted to choose an owner.
1.013 2020-04-20 20:05:35+02:00 Europe/Berlin
- History is stored no longer in RCS but in plain direcories.
This allows much faster access to old data.
- Email address received from LDAP is converted to lowercase.
Uppercase character prevented selection of correct owners.
- Correctly encode UTF-8 characters in mails about diffs.
- Adapted to changes for wildcard addresses in 'email':
- Mails about diffs are send also if wildcard address matches.
- User file is only deleted, if that email or matching wildcard address
can't access any owner.
1.012 2020-04-20 12:47:50+02:00 Europe/Berlin
- Best matching owner is selected automatically on first login now.
- Selectable owners are combined from direct email and from wildcard
email address now. This allows to write smaller file 'email' during
export.
- Use nat_set instead of no_nat_set. Exported data currently contains both.
- STDERR of 'rlog' is ignored when using -d option.
- No longer sort 'prt' of rules, is already sorted during export.
- No longer support old attribute name 'srv' for 'prt' in exported data.
- Added automated tests.
1.011 2018-07-05 10:23:30+02:00 Europe/Berlin
- Changed HTTP-method from GET to POST for all backend-URLs.
- Removed parameter "-export_ipv6" from export-netspoc-command
in t/PolicyWeb/Init.pm
- Add: error message in case of failure to determine adim or watcher.
1.010 2018-05-07 14:19:06+02:00 Europe/Berlin
- If a user has requested diff mails for some owner
and if this owner no longer exists or
if user no longer is allowed to access this owner,
then inform this user once by mail, that diff mails for this owner
will no longer be sent.
- Simplified config options:
Only these options are required:
netspoc_data noreply_address session_dir user_dir business_units
All other options are optional now.
Without default value:
ldap_uri ldap_dn_template ldap_base_dn
ldap_filter_template ldap_email_attr
With default value: ($base_dir is installation directory of NetspocWeb)
about_info_template: "$base_dir/html/about_info"
expire_logged_in : 480
sendmail_command : '/usr/lib/sendmail'
template_path : "$base_dir/templates"
New options with default values:
html_template : "$base_dir/html"
mail_template : "$base_dir/mail"
Old, now ignored options:
error_page show_passwd_template
verify_mail_template verify_ok_template verify_fail_template
diff_mail_template
These templates are read from directories html_template or mail_template
instead.
- Add: Search IP ranges
- Change: label for "disabled_at" services from "Gültig bis" to
"Deaktiviert ab", to be more concise.
- Fix: internal server error (500) on hidden services
1.009 2017-12-12 14:09:22+01:00 Europe/Berlin
- Fix: bug with buffered renderer sometimes truncating lists.
- Fix: list of owners is now sorted correctly (ignoring case)
- Add: ability to search only terminable services (with
attribute "disable_at")
1.008 2017-09-13 15:04:12+02:00 Europe/Berlin
- Fix: keep search window visible with checkbox
- Fix: print view not selectable in IE
- Change: no longer search in super nets as default
- Add: LDAP login for Dataport employees
1.007 2017-15-05 14:10:23+02:00 Europe/Berlin
- Add: "disabled" and "disable_at" for services
1.006 2016-10-06 14:10:23+02:00 Europe/Berlin
- Compatibility check with checkbox to get rid of message
- Prepare test search-ip.t to be run outside dev environment
(integrate with TravisCI, for example).
1.005 2016-07-05 19:02:08+02:00 Europe/Berlin
- Add: generate task emails to add/remove stuff to/from "User" or to a rule
of currently selected service.
- Add: delete obsolete users (that are no longer known as watchers or admins).
- Add: delete session files older than a year.
- Fix: various small bugs.
- Moved program bin/export.pl to package 'Netspoc' as bin/export-netspoc.
1.004 2015-05-13 11:16:50+02:00 Europe/Berlin
- Fix: minor errors reported by jshint.
1.003 2015-05-13 10:40:26+01:00 Europe/Berlin
- Fix: IE problems with rendering many rows (using Sencha plugin for buffered rendering).
1.002 2015-03-10 12:29:39+01:00 Europe/Berlin
- Fix: change GET to POST for get_history proxy.
- Add: more advanced frontend tests
1.001 2015-02-05 13:16:52+01:00 Europe/Berlin
- Add: icon and favicon.
- Add: "About"-window that displays info about Policy-Web (issue #18).
- Add: enable filtering checkbox for user-tab when searching (issue #15).
- Add: collapse network ressources if too many (issue #10).
- Add: gridprinter rowsummary and ExtJs 5.x support (issue #16).
- Add: login expiration configurable via config param (issue #17).
- Fix: toggle details/user view changes data (issue #14).
1.000 2014-12-09 11:06:38+01:00 Europe/Berlin
- Add: display nr of services in status line (issue #7).
- Add: print-button to list of email-addresses (issue #8).
- Add: name of service in rule printout (issue #11).
- Add: emails displayed are now mailto-links (issue #13).
- Fix: selecting networks change displayed services (issue #9).
0.930 2014-11-19 11:06:38+01:00 Europe/Berlin
- Fixed accidental removal of new history files.
If an owner was set up less than a year ago,
all but the last history files had been removed by daily cronjob.
0.929 2014-11-07 13:03:39 Europe/Berlin
- Again fixed bug in new cleanup script for history older than 1 year.
- No longer export artificial owner ":unknown".
0.928 2014-11-06 16:18:31 Europe/Berlin
- Fixed a bug in new cleanup script for history older than 1 year.
The script failed when started from crontab (without a terminal).
This failure also broke the general cleanup script, such that
- daily policy files were not deleted and
- mail about policy diffs were not sent.
- Fixed a bug in end-to-end search.
If only a protocol and no IP address was given,
not only the rules with matching protocol, but all rules were shown.
0.927 2014-11-03 12:42:17 Europe/Berlin
- Add: Introduced frontend integration tests.
- Add: Cleanup history older than 1 year in RCS.
- Add: Email list for supervisor shows also watchers now.
- Add: Watchers of owner with 'extend' sees other owner.
- Fix: Only send search params when searching.
- Fix: Correct sort order for service overview.
- Fix: Filter of diffHistoryCombo (and don't load combo before it is actually needed).
- Fix: Keep type of services on owner change.
- Fix: Respect case sensitivity and exact match in search ("Ende-zu-Ende"), including tests
- Fix: Bug with empty text in service details form.
- Fix: clear network resources on owner change.
- Fixed issues:
#1: Search criteria are forgotten when checking and unchecking "Expand users"
#2: Add checkbox to toggle display of filtered/unfiltered rules when performing a search
#3: Network ressources view isn't updated when changing owner
#4: Duplicate calls to backend, when changing owner
#5: Wrong service list when changing owner while search tab is active
#6: Select new owner if previously selected owner is no longer available
- Add: Ein Owner mit dem Attribut "extend_only" hat nun nicht mehr nur die Möglichkeit, die Rolle
der untergeordneten Owner anzunehmen, die im eigenen Verantwortungsbereich liegen.s
Vielmehr sieht er nun alle Dienste der untergeordneten Owner unter "Eigene Dienste".
- Die "watchers" eines Owner mit Attribut "extend" oder "extend_only"
sind nun berechtigt, die Rolle der Owner von enthaltenen Netzen anzunehmen.
Vorher galt dies nur für die "admins".
- "watcher" und "admins" werden nun zusammen angezeigt
in der Liste der Berechtigten eines übergeordneten Owners.
- In der Historie werden nun alte Stände gelöscht.
Dabei wird gewährleistet, dass noch der Stand von vor einem Jahr
angezeigt werden kann. Das gilt auch dann, wenn dieser alte Stand
beispielsweise seit 2 Jahren unverändert ist.
Wenn ein Owner vor mehr als einem Jahr gelöscht wurde,
dann wird dessen komplette Historie entfernt.
- Wenn Dienste keinem Owner zugeordnet werden können,
dann werden diese nun unter dem Namen ':unknown' verfügbar gemacht.
- Die Combo-Box für "vergleiche mit" unter "Diff" zeigt nun beim
ersten Anzeigen nicht mehr alle, sondern nur die älteren Stände an.
- Beim Export von Zonen, die durch Pathrestrictions in einen Zone-Cluster
aufgeteilt wurden, war der Name bisher nichtdeterministisch.
Das wurde behoben.
- Für Loopback-Interfaces wird keine Zone mehr exportiert.
- Wenn die Adresse eines Interface "hidden" ist, dann wird diese
nicht ausgegeben.
- Bei aktiver Suche wurde eine Regel mehrfach ausgegeben,
wenn in Quelle/Ziel das Suchobjekt mehrfach gefunden wurde.
Das ist nun behoben.
0.926
0.925
0.924
- Regeln für ein Aggregat / Supernetz werden auch dem Owner
der darin enthaltenen Subnetze angezeigt.