[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nufw-users] [Announce] NuFW 2.4.0 is available
|
From: |
Eric Leblond |
|
Subject: |
[Nufw-users] [Announce] NuFW 2.4.0 is available |
|
Date: |
Tue, 02 Mar 2010 19:30:22 +0100 |
Hello,
NuFW development team is really excited to announce the availability of
NuFW 2.4.0. This first version of the new stable branch is the result of
almost two years of development. It contains a bunch of new features and
improvements:
* Evolutive and optimized protocol
* Filtering capabilities improvements
* Plugin support in client library
* Major code refactactoring
* And a new website: http://www.nufw.org/projects/nufw/wiki
For record, NuFW adds user-based filtering to Netfilter. Its algorithm
allows authenticated filtering even on multiuser computers. NuFW can be
seen as an Identity access management solution, at the network level.
The main new features and major improvements are as follows:
* Extensible protocol: NuFW protocol between authentication server
and clients has evolved and it is now possible to extend the
protocol via plugin (on both client and nuauth side).
* Optimized protocol: Client to authentication server protocol has
been heavily optimized for laggy network and computer used
simultaneously by multiple users. For example, on a 1 sec delay
network, authentication is done at worst in 1.2 sec which is
only 0.2 sec more than non authenticated flow. With previous
protocol authentication was done in more than 3 sec...
* Filtering capabilities improvements: Client is now computing
hash of application binary for advanced filtering. It is also
possible to use an authentication quality in filtering rules.
For example, this mean it is possible to accept a packet if and
only if the authentication of the user has been done via
certificate.
* Rewrite and code factorization: A huge code factorization and
rewrite has been done. Convenience libraries are now shared
between the different components. Cryptography can now be done
via openssl or gnutls and all components now share the same
configuration file parser.
The main changes are as follows:
* Support for plugin in libnuclient
* Improved client-server protocol
* Protocol extension via plugin
* Better performances on bad network
* Better error handling
* Filtering capabilities improvements:
* Client compute hash of application for advanced filtering
* Authentication quality support
* Configuration file for nufw and client
* New convenience libraries:
* nussl: TLS abstraction library (gnutls or openssl)
* nuconfparser: Configuration library
* nubase: Common use library
* log_ulogd2 module: log packet via ulogd2
* postauth_localuser module: sample postauthentication protocol
modification
* nufw: switch libnetfilter_conntrack code to new API
* client proto: negotiate protocol version
Best regards,
--
Éric Leblond <address@hidden>
EdenWall, http://www.edenwall.com/
NuFW, http://www.nufw.org
signature.asc
Description: Ceci est une partie de message numériquement signée
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Nufw-users] [Announce] NuFW 2.4.0 is available,
Eric Leblond <=