nodogsplash (3.3.2-1) stable; urgency=medium

  * Fix Issue introduced in v3.3.0 with the addition of Improvements towards usable IPv6 support, that caused CPD on client devices to fail with "Too Many Redirects" error. NDS now terminates gracefully with a console error if fasremoteip is set AND fasport=80  [bluewavenet]
  * Validate fasremoteip to ensure that if it is set, then it is a valid dotted format IPv4 address  [bluewavenet]
  * Numerous Documentation updates  [bluewavenet]

 -- Rob White <dot@blue-wave.net>  Tue, 23 Apr 2019 11:49:00 +0000

nodogsplash (3.3.1-1) stable; urgency=medium

  * Include preinstalled PreAuth Login script in package [bluewavenet]
  * Documentation updates PreAuth [bluewavenet]
  * Generate Error 403 Forbidden, if Gateway Port is accessed directly when FAS is enabled and client is not authenticated [bluewavenet]
  * Improve splash.css, tidy up splash/status.html, tidy up Preauth demo script [bluewavenet]
  * Remove some redundant code [mwarning]
  * ndsctl_thread - ignore interupts when returning from epoll [lynxis]
  * auth.c - use correct types to prevent cast and comparement of uint and int [lynxis]
  * openwrt/init.d - prevent start of the daemon if configuration generation fails [lynxis]

 -- Rob White <dot@blue-wave.net>  Fri, 7 Apr 2019 19:43:00 +0000

nodogsplash (3.3.0-1) stable; urgency=medium

  * Add PreAuth functionality - support for Dynamic Splash Pages, served by NDS directly [bluewavenet]
  * Documentation updates including new sections for Splash Page and PreAuth [bluewavenet]
  * Fix memory handling bug, issue #341 [mwarning] [stevo01]
  * Improvements towards usable IPv6 support [wanxewoj] [mwarning]

 -- Rob White <dot@blue-wave.net>  Fri, 15 Mar 2019 15:48:00 +0000

nodogsplash (3.2.1-1) stable; urgency=medium

  * reset upload/download counter when a client has been authenticated a second time [mwarning]
  * print sesssion duration as 0 in "ndsctl json" and "ndsctl clients" output when a session has not been started [mwarning]
  * rework html templater to speed up splash page generation [mwarning]
  * FAS documentation updates [bluewavenet]
  * Add CSS file and update splash and status html [bluewavenet]

 -- Moritz Warning <moritzwarning@web.de>  Wed, 26 Sep 2018 15:04:05 +0000

nodogsplash (3.2.0-1) stable; urgency=medium

  * Add Redirect to Status page support for FAS [bluewavenet]
  * Add iptables version check [mwarning]
  * Add ndsctl status output for FAS and Binauth status. [bluewavenet]
  * Initialize fas_remoteip with gw_address and simplify code [mwarning]
  * Fix Readthedocs updates and update Docs URL [bluewavenet]
  * Update documentation and Debian man page [bluewavenet]

 -- Rob White <dot@blue-wave.net>  Sun, 2 Sep 2018 16:09:00 +0000

nodogsplash (3.1.0-1) stable; urgency=medium

  * Integrated support for separate Forward Authentication Service (FAS), adding the following configuration options:
      fasport, faspath, fasremoteip, fas_secure_enabled
  * Modify binauth feature internally for compatibility with FAS, allowing Binauth to be used for post FAS processing
  * Implement ndsctl json filtering to return client information from IP, MAC or Token.
  * Various minor code fixes and improvements

 -- Rob White <dot@blue-wave.net>  Sun, 26 Aug 2018 10:05:00 +0000

nodogsplash (3.0.0-1) stable; urgency=medium

  * Removed settings without implementation due to the change of the http library:
      DecongestHttpdThreads, HttpdThreadthreshold, HttpdThreaddelayms
      AuthenticateImmediately, RemoteAuthenticatorAction, EnablePreAuth,
      BinVoucher, ForceVoucher, PasswordAuthentication, UsernameAuthentication,
      PasswordAttempts, Username, Password
  * Add binauth feature as a replacement for the old binvoucher feature
    * call a script with username/password to decide the authentication
  * Replace ClientForceTimeout setting with SessionTimeout
  * Replace ClientTimeout settings with PreauthIdleTimeout and AuthIdleTimeout
  * Replace infoskel.html with a templated StatusPage (default is status.html)

 -- Moritz Warning <moritzwarning@web.de>  Thu, 09 Aug 2018 12:56:21 -0400

nodogsplash (2.1.1-1) stable; urgency=medium

  * Update nodogsplash.conf for non-OpenWrt builds [bluewavenet]
  * Minor cosmetic changes
  
 -- Rob White <dot@blue-wave.net>  Sat, 12 May 2018 10:03:00 +0000

nodogsplash (2.1.0-1) UNRELEASED; urgency=medium

  * Allow firewall rule chaining, PR #231 [bluewavenet]
  * Update documentation [bluewavenet]
  * Enable TCP Fast Open, PR #237 [blogcin]
  * Avoid continuous thread creation for control interface, PR #238 [blogcin]
  * Fix possible memory corruption for long config file path, PR #240 [blogcin]

 -- Moritz Warning <moritzwarning@web.de>  Tue, 08 May 2018 19:19:00 +0000

nodogsplash (2.0.1-1) stable; urgency=medium

  * Added Forwarding Authentication Service (FAS). [bluewavenet]
  * Support for external (to NDS) authentication without using Binvoucher. [bluewavenet]
  * Fix crash when mimetype is not found. [azsde]

 -- Moritz Warning <moritzwarning@web.de>  Tue, 02 Jan 2018 08:31:52 -0500

nodogsplash (2.0.0-1) stable; urgency=low

  * replace libhttp by libmicrohttpd [lynxis]
  * implement string replace based template engine [lynxis]
  * correct gatewaymac format to (00:11:22:33:44:ab) [lynxis]
  * Allow an authenticated user to access the splashpage again. [lynxis]
  * Allow an authenticated user to deauth themself using the denydir [lynxis]
  * redirect wrong token auths to the splashpage [lynxis]
  * support config redirectURL [lynxis]
  * microhttpd: add content-type header to error messages [lynxis]
  * prevent possible divison by zero and negative durations [mwarning]
  * add debian support including systemd [efernandesng]
  * fix file descriptor leak [sfstudio]
  * update splash.html (#152) [bluewavenet]
  * fw_iptables: fix iptables syntax for 1.6.1 [mwarning]
  * fix CheckInterval option (#168) [zaolin]

 -- Alexander Couzens <lynxis@fe80.eu>  Mon, 29 May 2017 12:23:42 +0100

nodogsplash (1.0.0-1) stable; urgency=low

  * make "ndsctl auth/deauth" work with tokens [vavrecan]
  * add support for ipset [vavrecan]
  * fix segfault under high load and no daemon mode and debbuglevel 7 [hylics]
  * make "ndsctl auth" work with IP or MAC address [gazambuja]
  * allow to set debuglevel in configuration [lynxis]
  * set default loglevel from NOTICE to WARNING [lynxis]
  * fix crash when gw_mac is null [KeaneWang]
  * Fixed an overflow issue in BinVoucher when path to BinVoucher is too long [alexattws]
  * make clientmac and gatewaymac variable available in the splash page [mwarning]
  * remove static variables shared by threads to avoid race conditions [sayuan]
  * allow conditional strip of binaries in debian package [smoe]

 -- Moritz Warning <moritzwarning@web.de>  Fri, 27 May 2016 18:26:35 -0400

nodogsplash (0.9-beta9.9.9-2) unstable; urgency=low

  * Improved Debian packaging
    - policy bump to 3.9.6
    - added hardening
    - some extra work on the description
  * Added Moritz Warning and Steffen Moeller to uploaders
  * Initial release (Closes: #782736)

 -- Steffen Moeller <moeller@debian.org>  Fri, 26 Dec 2014 16:21:48 +0100

nodogsplash (0.9-beta9.9.9-1) unstable; urgency=low

  * fix regression introduced by BinVoucher feature,
    traffic was not blocked except on port 80 [mwarning]
  * make returned upload/download value by BinVoucher script
    optional, as stated in the documentation [mwarning]

 -- Moritz Warning <moritzwarning@web.de>  Sun, 15 Jun 2014 22:55:12 +0200

nodogsplash (0.9-beta9.9.8-1) unstable; urgency=low

  * send HTTP 302 instead of 307 because we use HTTP 1.0 [champtar]
  * add support for DROP, LOG, ULOG target for firewall rules [champtar]
  * remove multi-threading as libhttpd does not support it [sayuan]
  * add new parameters BinVoucher, ForceVoucher and EnablePreAuth
    in combination with per user bandwidth limitation [lindnermarek]
  * merge updates from Wifidog (1.1.3_beta6 @1162) up to @1464 [mwarning]
    * excluding commit [1375] containing feature from wifidog ticket #466
  * rewrite build system to use a simple Makefile [mwarning]
  * unify code style: astyle --style=k&r --indent=tab [mwarning]
  * send HTTP 405 for pre-authenticated non GET requests [redhotpenguin]
  * fix crash when token/redir is not set [mwarning]
  * avoid deadlocks for debug output [sayuan]
  * Debian package [sayuan]
  * OpenWrt package [mwarning]

 -- Moritz Warning <moritzwarning@web.de>  Fri, 06 Sep 2013 18:08:39 +0200

nodogsplash (0.9.9-3) unstable; urgency=low

  * Fixed buffer overflow bug in ndsctl.
  * Improved SIGCHLD handling in gateway.c and util.c.
  * Added FirewallRulesets trusted-users and trusted-users-to-router. This permits customized access control for trusted users, as for authenticated users, with the same ruleset semantics, instead of always accepting all trusted packets.
  * Added EmptyRuleSetPolicy directives for .conf file.  Permits optionally passing packets through to pre-existing firewall rules.
  * updated debian rules (for building debian package)

 -- Andraz Sraka <a@frubsd.org>  Sun, 11 Aug 2009 09:15:00 -0100
