1. freesco-038.zip Driver
2. History.txt File Contents

History.txt Driver File Contents (freesco-038.zip)

############################# Changes in v0.3.0 #############################
Oct 30 2002

Complete rewrite of the entire OS from the 02x series.

New packaging system.

Support for ten networks.

Support for ten COM ports for remote dial-in access.

Support for five printers.

Support for PPPoE and PPtP Internet connections.

Support for extra ram disks which can be used for packages on the floppy.

Changed the directory structure to mimic standard Linux systems.

33K free on the floppy disk


############################# Changes in v0.3.1 #############################
Feb 02 2003

IPSEC has been removed from the v0.3.1 kernel. This was the main cause for 
instability on ${some:-most} systems.

PPtP masquerading has been removed from the kernel. This is necessary for 
keeping a large number of errors from filling the logs when running PPtP.

The masq table has been increased from 4k to 16k in the v0.3.1 kernel.

PPtP support has been added. However testing of this mode has been very 
limited.

"pppd" has been downgraded to 2.3.11. This was required to stabilize the 
dial-in as well as space requirement for PPtP and mppe.

There have been numerous other small changes to many other scripts to repair 
bugs. Too many to even remember them all. As well as probably some new ones 
added.

31K free on the floppy disk


############################# Changes in v0.3.2 #############################
Jun 20 2003

New stable DNS server dnsmasq version 1.12

ISA PnP is now built in. This will initialize network cards and any other ISA 
PnP device.

Added a lot of logging options.

Some minor code cleanup and formatting to the control panel.

Cleaned and condensed "rc_masq".

Fixed dial-in and null modem connections.

Fixed PPPoE password problem.

Fixed "pkg" command.

Fixed the "mv2hd" command to allow overwrites without problems.

Fixed the "dyndns" script so that it will update correctly with a new IP. I 
also added a force command to the dyndns update, so that if there is a 
failure in the update system you can use "dyndns -f".

Fixed the advanced "diald" options and added a new one for setting the first 
packet timeout.

Updated "synctime" to allow for failures not to modify the system, as well as 
repaired the logging format.

The kernel now has two additional patches. The icmp leak patch and the kernel 
part of mppe for PPtP users.

Recompiled "pppd" for mppe support, still 2.3.11.

Added "peerdns" for dialup, PPPoE, and PPtP users, so that the ISP DNS 
servers can be assigned dynamically rather than having to be hard coded into 
the setup. A minimum of one still has to be defined manually, but it is 
overwritten upon a connection if this is enabled.

34K free on the floppy disk


############################# Changes in v0.3.3 #############################
Jun 24 2004

033 has all of the current bugs in 032 repaired as well as new features which 
include:

A new version of "dnsmasq" version 1.14 which solves the problem of a blank 
dhcpd.leases file. Thanks to Simon Kelly.

A new filter.cfg as well as repairs to "rc_diald" so that dialup Internet 
connections will timeout correctly and the filter.cfg is actually used.

The hard drive sleep mode has been fixed with the removal of the "update" 
binary.

Modified "useradd" and "useredit", so that users defined without a home 
directory are given a generic home directory and do not default to the root 
directory. The control panel has been modified to reflect the changes to the 
"useradd" command.

Capability to trust local networks on an individual basis, so network 2 and 3 
can be trusted while network 4 is not. This feature is especially useful for 
building new unpatched machines in a hostile environment or isolating 
infected machines to facilitate their repair.

Boot speed has been improved dramatically, so that 033 can run effectively on 
a 386 as well as much quicker on any speed CPU. Shutdown speed has been 
increased to around 5 to 10 seconds on any speed CPU. Your mileage may vary.

Dial in RAS services no longer effect dialup, PPPoE, or PPtP, as was with all 
previous versions of FREESCO including the 02x series. If a dial in user 
connected and then requested a dial out or PPP connection of any kind, the 
masq file would not function with the correct ppp# interface. This problem 
has now been corrected and regardless of the ppp# interface the external ppp# 
connection it will be reflected in all other scripting and firewalling.

New feature added which is the ability to turn off the RAS server. RAS dial 
in server has been rewritten to not require the client to use a script. This 
means that it uses standard pap authentication and any Windows client can 
just use a username and password added to their standard dialup connection to 
connect to the FREESCO RAS. This also applies for FREESCO to FREESCO 
connections. A dial in user must be created for any dial in connection. 
Scripting is still an option for dial out, but only pap authentication for 
dial in.

The "mgetty" script has been changed to include null modem connections as 
well as dial in. This solves the previous timeout issues in 032 for null 
modem connections.

Debugging is now added for chat in the RAS as well as dialup mode.

DHCP has now been enabled for PPtP and PPPoE connections. As with previous 
versions the ENADHCP0= variable was ignored when in PPtP or PPPoE mode. Now 
it is possible to have both if the ISP requires it for the main PPP 
connection. DHCP logging capabilities have been enabled in the setup. There 
is also a new DHCP mode that can be used. If you install only one network 
card and configure as an ethernet router or server, then the DHCP server will 
give out the true upstream gateway rather than defaulting to FREESCO's 
internal IP to all clients that connect. In this mode the caching DNS server 
can also be used to resolve internal names.

New feature; static DHCP leases can now be added from the web control panel 
rather than only through the setup program. This was a request that seemed 
reasonable.

The defaults are now in "minicom" so that when it is used without parameters 
it will use the default modem rather than always requiring a device to be 
stated.

There is new a test mechanism for the "rc_masq" in the "rc_main newip" so 
that when the newip is called from the "ip-up" script that there cannot be 
more than one instance of it running at a time. This has been a bug in the 
03x series that caused PPPoE routers to fail connectivity at the first boot, 
because before the first usage of "rc_masq" had finished it could on some 
machines start it again when the connection came up and therefore create all 
kinds of duplicate and bogus information, thus causing complete failure until 
the firewall was ran again manually.

A change to the "passwd" function is so that normal users are now allowed to 
change their own password rather than only root being able to change 
passwords.

A small bug in the "pkg" command is now fixed so that when a package is saved 
it is no longer executable. This was a problem if the user stored them in the 
/www directory or any subdirectory for the HTTP server.

The /www/cgi/example script has been removed. It was brought to my attention 
while doing a search for FREESCO that this script is in reality a breach in 
security if the user has their default web browser open to the world. The 
script is now gone and therefore removes the vulnerability. There also is a 
change in the /www directory; it is not a symlink but rather a ram directory 
and in the setup if the www server is enabled the question is asked if a 
permanent www directory is wanted. At that point a /boot/www directory is 
created if the user answers "y". This directory is also created by default if 
the system is moved to a hard drive.

Changes to the command prompt. I think everyone will like the new one.

New feature in the "mv2hd" command allow a user to restore a previous .bak 
copy of FREESCO.

Ram disks have now been repaired so that the check date will never expire and 
cause errors in the log as well as a minor increase in its size to 3MB 
unformatted.

A new 2.0.40 kernel that has tested very stable even with PPtP and IPSEC 
enabled, Although neither of these options are enabled by default. loose_udp 
has also been disabled as it was linked to problems with FTP downloads 
failing on long file lists.

033 has all of the features that 032 has as well as the new features and bug 
fixes listed above. 

88K free on the floppy disk


############################# Changes in v0.3.4 #############################
Mar 25 2005

The telnet server and client have been removed and replaced with "dropbear", 
which is a SSH server and client. This SSH server is also capable of both 
client and server TCP port forwarding. This allows for floppy users to open 
this server to Internet access and still have security with encryption, along 
with SSH tunnels to the local network.

Two new options, one to disable root logins with the FTP server and the other 
to disable root logins with SSH.

The local ban can now also be a local allow. This allows a user to ban their 
entire local subnet and then allow just the IP addresses that they want to 
give access to the Internet. This still allows all local users to access 
FREESCO and any servers running. The banlist.cfg has been replaced with 
restrict.cfg to clarify the ban/allow changes and in the file format along 
with some minor changes to the control panel. ALL of the ban/allow commands 
can be time based rules with the addition of a start and stop time. This time 
format is based on hours and minutes of the day where the range is from 0000 
to 2359 and also includes an optional day format, so that rules can be day of 
the week oriented as well.

A new DHCP server mode. You can now set the DHCP server in "s" server mode. 
Previously in 033 this was done automatically if there was only one network 
card installed. Now this mode can be used on multiple interfaces. What this 
mode does is if FREESCO is NOT your ISP connection, then it can still act as 
a local DHCP server. Added some new checks in the "rc_dhcpd" to prevent the 
server from running on the external interface when it shouldn't.

A new shutdown sound if diagnostic beeps are enabled in the advanced setup. 
This enables a user without a monitor to know when the machine is completely 
shut down.

A new read only disk option. This option can move a hard drive install to a 
ram drive the same as previously available with floppy installs. The only 
restriction is that the hard drive install including packages is small enough 
to fit into the ram drive excluding the kernel and ram disk size. This means 
that the system will run entirely in ram with absolutely no disk activity and 
it will be impervious to power failures or improper shut downs which cause 
disk corruption as well as absolutely no disk activity when FREESCO is 
running.

A new SMTP client that can email logs to a specific recipient rather than 
deleting them when the size limit is reached, as well as the ability to email 
the external IP address at each connection time or any time it changes and 
the ability to email a report.txt. This makes managing a remote system 
possible as well as easily monitoring its status.

A new feature to save logs to root's home directory when FREESCO is installed 
on a hard drive, along with being able to remove logs older than the number 
of days that you specify with a special command that can be included into a 
crond job.

A new option in the setup to add additional ports to stealth. With this 
feature it is possible to completely stealth your router as long as all other 
security settings are also set in secure mode. Additional firewall rules to 
stealth server service ports when set in secure mode.

All default configuration files are now hard coded into the ram disk. This 
means that if a configuration file becomes corrupt or if anyone makes changes 
that cause the file not to function. All that is required is to delete the 
file from the /boot/etc directory and reboot the router. The original will be 
in the /etc directory unmodified. This applies to all original files in the 
/etc directory.

Two new ram disk sizes: 8MB and 16MB ram disks can now be installed. 
Previously only 2MB and 4MB ram disks would install. The 2MB ram disk has 
been removed with these two new additions along with only installing one ram 
disk rather than two. Previously ram disk #1 was almost never used by the 
system other than for /tmp directory space. This change has also raised the 
minimum memory requirement to 20MB before a ram disk will install. Also, a 
new option to restrict the maximum ram disk size to just one 4MB ram disk 
regardless of the system memory detected is available.

Changed the "rc_dhcpd" to remove dynamic DHCP leases any time a static DHCP 
lease is added with the same MAC address.

More floppy formats are now supported: 1440, 1680, 1722, 1743, 1760, 1840, 
1920, and 2880.

More hard disk partitions are now supported by default: hda, hdb, hdc, hdd, 
sda, sdb, sdc, and sdd with partitions from 1 through 7.

034 will now mount from any device and file system that is supported by the 
kernel. A DOS file system is still required for the "mv2hd" command. However, 
other formats can be used with a custom installation, such as ext2 which can 
be used with the add-on ext2-0.3.4-lewis package which will install on ANY 
running (Internet connected) 0.3.4 floppy.

Changed the /etc/rc file so that non-standard floppy formats will respond the 
same as a standard 1.44 floppy. Also floppy drives that are not on the first 
device "fd0". This means that when booted from fd1 or fd0u1680 FREESCO will 
still respond correctly.

Changed the "rc_eth" file to ignore incorrect gateway settings when entered 
statically or through DHCP from a misconfigured ISP DHCP server.

Enabled the DHCP client logging in the setup and system.cfg file which had 
not been enabled in previous versions of the 03x series. Repaired the colors 
in the setup which has been a bug since FREESCO was first released (All 
previous versions), so that yellow is really yellow. Added emailing a 
report.txt directly from setup.

Changed back to the 2.0.39 kernel to resolve the PPP problems in 033. This 
also means that all packages for the 03x series will run as well as the 
modules-03x.zip can be used for network drivers and all of the 032 kernels. 
If anyone is currently using a DX based processor there is a kernel.dx 
included in the zip file that can be copied to the floppy and the only 
difference will be that you will have a 20K increase in free disk space. Both 
new 034 kernels are also PCI optimized so 034 should perform better on PCI 
based systems.

Changed the password file for the root user to now have a home directory of 
/home/root, rather than just using / as the home directory. This change was 
required for the SSH client to retain any public key files as well as 
improvement for other applications that use root's home directory for 
specific user settings. This is also the storage location of log files if 
that option is enabled.

Upgraded "dnsmasq" to version 1.17 which fixes a significant number of bugs 
from 1.14, along with increasing the default cache size to 600.

Upgraded "dhcpd" to version 2.0pl6 from b1.18 which fixes a number of old 
issues along with a security patch. 

Upgraded the "dhcpcd" client daemon to version 1.3.22pl4. Thanks to Dingetje 
for help with compiling it.

Upgraded "pure-ftpd" from version 1.0.12 to 1.0.20.

Upgraded "thttpd" from 2.05 to 2.25b.

Added user home web directories which can be enabled and accessed at 
http://your.router/~UserName. Removed /home directories for RAS (dial in) 
clients.

Added bandwidth control for the web server. Which means if you want you can 
restrict the web server so that it can never use more than the amount of 
bandwidth that you choose in Bytes per second.
 
Added options to the firewall setup so that all of the helper modules can be 
selected independently of each other. In all previous versions of FREESCO, 
all of the modules were loaded automatically, but as each module decreases 
security it is now an option to only load the ones you really need.

Added a firewall rule to prevent external "smurf" attacks as well as external 
IP spoofing.

Recompiled the "pptp" binary with better optimization flags to improve its 
size.

One minor text color fix to the "a:" command as well as being able to mount 
any fd1 or special floppy formats with the addition of the device name after 
the "a:" command. Such as in "a: fd1" or "a: fd0u1680".

Changed the "cp-rf" command so that it can now copy files and directories 
with spaces in the names.

Changed the "rc_dns" so that special static DHCP leases will be incorporated 
into the /etc/hosts file correctly for DNS resolution. There has also been a 
change so that the DNS server will always resolve the same IP for its own 
name. This resolves the problem of separate subnets that are not trusted to 
always get the correct IP address for the router as well as any dyndns 
clients that may be installed.

Up to four different ISP DNS servers can be defined either statically or 
dynamically from the DHCP client or through the PPP client. These can either 
be used by the local caching DNS server or parsed to the clients with the 
DHCP server if the caching DNS server is disabled.

Increased the ram0 to 3Mb formatted rather than 3Mb unformatted. This 
increase still allows FREESCO to run on 8MB of ram.

The dynamic DNS client now supports DynDNS, ZoneEdit, and DHS service 
providers.

Moved the /boot/rc directory into the ram disk. This provides a much faster 
boot for the floppy as well as providing a HUGE gain in disk space which was 
required for the above improvements and changes. This change will affect all 
lprng and Apache users, however it can be worked around, Dingetje has stated 
he would repackage them both for compatibility with this version and anyone 
using an older version of these packages can simply copy the /rc/rc_lpd and 
/rc/rc_httpd to the /pkg/rc directory after the package is installed or 
before an upgrade to this version is attempted. ANY built in /rc/rc_? file 
that a user wants to modify, excluding the rc_user file which is still 
available for editing can be copied to the /pkg/rc/ directory and then 
modified. All files in /pkg/rc/ will over ride any default rc_? file in the 
/rc/ directory.

Moved the control panel /boot/wwa directory into the ram disk. This change is 
primarily for a 20K gain in disk space, but it also increases control panel 
access times and helps prevent unnecessary disk activity. Also some new 
functions in the control panel to email a report, netinfo, or the current 
logs.

Changed the initial boot up parameters so that a "mv2hd" can be done before 
any type of configuration has been made and the system will still recognize 
that it has never been setup and go into the setup mode on the hard drive. 
This change is/was not required for this version, but for those with less 
than dependable floppy drives it may be needed. It may also be useful in 
future versions where space constraints are possibly to high in some 
configurations.
 
50K free on the floppy disk.


############################# Changes in v0.3.5 #############################
Apr 06 2006

Removed the ip_masq_cuseeme.o module. This module has never been configured 
or used in any version of FREESCO, so there was no reason to leave it 
installed.

Repaired bug in the setup for adding extra SSH options.

Repaired "useradd" script to chown the user’s web page correctly.

Repaired carriage return needed in the /etc/group file for FTP users.

Repaired "rc_masq" DHCP server problem when local networks are not trusted 
and the DHCP client is not enabled and also allow ping responses through the 
router for PPPoE and PPtP users in some machines.

Repaired "fd" leak when using SSH with the -L and -R flags at the same time.

Repaired the "pppoe" binary to remove some compiling errors, thanks to 
justdave.

Repaired the "pptp" binary to remove some compiling errors, thanks to 
justdave.

Repaired security problem for dial out control users in the FTP server.

Repaired "ifconfig" to no longer report a 10Mb connection.

Repaired bug in the Dropbear ssh client, so that unknown hosts can be added 
automatically to the trusted hosts file.

Repaired a bug in the control panel when trying to remove a single entry that 
included a subnet "/", which caused the restrict.cfg file to be erased.

Repaired memory fault when trying to view a very large restriction list in 
the control panel.

Repaired "ps" command to work with non root users

Changed the "rc_net" script so that aliased interfaces can be enabled in the 
advanced network the same as normal interfaces and added aliased interfaces 
into the list of options in the setup as well as the "dummy" interface which 
can be used when no network cards are installed on a strictly RAS dial in 
server.

Changed the "snarf" binary to repair the dyndns client so that all usernames 
and passwords should function correctly.

Changed the DNS server to give out the correct IP address for the interface 
it is requested on as well as for local dyndns URL's if they are enabled. 
Thanks to justdave for modifying the "dnsmasq" source code to accomplish this 
as well as optimizing for size by removing unneeded options.

Changed the built in web server to be more CGI friendly, so it will now 
execute all .cgi files and not just limited to the /www/cgi directory. Also 
changed the directory listings so they can be customized with a style.css 
file and added the custom error pages option to the default server so that if 
you create a /www/errors directory and put error files in it such as 
err500.html it will be displayed when error 500 is sent from the server 
rather than the built in page. Some optimization for size, thanks to justdave 
for his help.

Changed the dyndns updates to every fifteen days rather than once a month 
which would caused a warning email from dyndns about "your account will 
expire, if not "updated". Also changed the default crond entry to check for 
updates every day rather than just at the beginning of the month.

Changed the default color scheme of the control panel.

Changed the FTP syslog facility for logins so they are now recorded under 
"auth" rather than "info". Also optimized the FTP server for size, thanks to 
justdave.

Changed "rc_ras" to be able to be restarted when the primary configuration is 
set to any kind of PPP connection without stopping the primary connection.

Changed "ile" command line history from version 2.01 to version 2.7-Freesco. 
This change was to reduce the code size by removing unused options as well as 
to repair the code so that tab completion works and double tab shows all 
available command options was added. Also repaired the delete key so that it 
functions properly, as well as the HOME and END keys. Thanks to justdave for 
modifying and correcting the source code.

Changed the lpd server to version 1.4-Freesco and customized the binary 
specifically for FREESCO. The new lpd server runs on one port (515 by 
default) and has multiple queues that can be assigned for different printers. 
Up to ten raw queues and ten feed queues can be assigned. These queues can 
either just be different names for the same printer or they can be for 
separate printers. The new lpd server resolves the problems with NT/2K/XP 
systems being able to use more than just one printer. Thanks to justdave for 
his assistance modifying the source code.

Changed the "logrotate" script into a binary. This change reduces the 
standard CPU usage by 65% which greatly increases performance on minimum 
hardware over all previous versions of FREESCO. Thanks to justdave for his 
help creating the new binary.

Changed the advanced network setup auto configure option to recognize 
existing subnets and not duplicate them for the network being configured as 
well as asking for the DHCP range desired.

Changed the /etc/profile so that if the root user is disabled then the user 
who has root privileges is still treated the same as the original root user.

Recompiled "pppd" and removed IPX support as well as some extra superfluous 
words in error messages to optimize for size.

Added scripting in the "rc_masq" to prevent the firewall from running more 
than one restart at a time. This prevents automatic as well as manual 
restarts from causing networking problems.

Added a new script "remotelog" this script is capable of sending real-time 
logs through a SSH session so that logs can be viewed remotely in real time 
the same as screen 3. Just login to a remote console and type "remotelog" to 
activate it.

Added the shaper module and "shaperctl" to control local bandwidth. This 
module is capable of being configured to limit download bandwidth for all or 
just some clients. Upload bandwidth can be controlled on a site-by-site 
basis. Allowed control speeds are from 9660bps to 250000bps. This option is 
still experimental and not all of the problems or quirks have been worked out 
yet. So even though it is included it is not recommended to enable it for 
general use.

Added PPtP multi-client support to the default kernel and removed the log 
errors when a PPP primary connection is used. Also removed the loose_udp 
option which was causing some connection stability problems with certain 
applications.

Added getting the external IP address remotely into the dyndns script. This 
solves all problems when FREESCO is running behind another firewall, or 
through a DSL modem and anytime FREESCO has a local IP on the external 
interface it can retrieve the true external IP address for an update. 

Added color enhancements to the setup script.

Added MAC address translation into the access control so that MAC addresses 
can be used the same as IP addresses.

Added a MAC address monitor, so that FREESCO can watch the local network for 
any new machines connected and if a new machine connects it accesses the 
restrict.cfg and resets the firewall if that MAC address is in the file so 
that restricted or allowed MAC addresses are added to the firewall rules with 
their true IP address. This feature is automatically enabled when MAC 
addresses are used in the /etc/restrict.cfg file instead of IP addresses.

Added a "Connected clients" button to the control panel. This uses the "arpf" 
binary and will show all of the clients on all subnets connected to FREESCO. 
"arpf" is a customized and stripped version of arp 1.84.

Added viewing system saved logs in the control panel.

Added individual allowed login times for all RAS users, so that each user can 
be restricted at different times. Also added a connection time limit for RAS 
users so that a maximum connection time can be set on an individual basis.

Added a PPP monitor that is capable of monitoring ethernet PPP connections 
and restarting the connection if it fails.

Added the ability to choose whether to try and stealth or reject ports in the 
firewall. Rejected ports create less network traffic, but stealth may be 
desired in some cases. The new firewall defaults to "reject".

Added "scp" (Secure Copy Protocol) binary, and optimized Dropbear for size 
with the help of justdave. Also added multiple patches to fix various minor 
bugs in Dropbear as well as some minor modifications to show logins in the 
correct location with the log facility. Also added the most recent security 
patches.

Added the ability to customize the color scheme of the control panel in the 
advanced setup.

Added an option to disable the modem speaker for RAS connections.

Added "ile" command line history to always be enabled in setup mode.

Added statistical information into the login log for RAS users so that the 
received and sent bytes are logged as well as the total connection time.

Added hardware information into the advanced setup that displays the detected 
CPU and PCI network cards as well as memory and IO ports.

Added enabling and disabling package firewall rules from within the advanced 
package setup.

Added an option in the DHCP server to configure a WINS server in DHCP leases 
that is installed and configured directly on the router (such as Samba).

Added a network statistics monitor to screen 5. This monitor displays real 
time statistics for all network devices. This monitor is enabled by default 
but it can be disabled in the advanced setup.

Added a test into the setup to hopefully reduce the number of users who use a 
fully qualified domain name on their routers.

Added an option into the FTP server to adjust the number of connections from 
a single IP address rather than the previously hard coded maximum of two.

Added FTP bandwidth control.

Added a test into the advanced network DHCP range setup so that incorrect 
entries are no longer accepted.

Added a new mode to the DNS server, "e" mode which means (secure exclusive). 
This new mode forces clients to exclusively use the built in caching DNS 
server as their only DNS server. The new mode is intended for use with the 
DNS configuration file so that if specific URLs are defined with an IP in 
that file, the clients cannot use another DNS server to resolve the name 
differently. This mode is very useful for unwanted URLs and or parental 
control.

Added bringing up a "dummy" interface when a DHCPOFFER fails on the external 
interface. This allows the entire internal network to function correctly and 
continue to try for a lease in the background. Once a lease is obtained the 
"dummy" interface is removed and the system starts using the normal Internet 
interface with full functionality at all times.

Added a security warning if the web control panel is enabled world wide 
visible.

Added a security warning if the DNS is enabled world wide visible.

Added the ability to change the web control "admin" user-name to any user-
name of your choice in the advanced setup.

Added the ability to disable the console super user "root" and create a new 
super user with the user-name of your choice in the advanced setup.

Added a new animated boot logo to the main boot process screen as well as 
some format changes to the starting screen.

Added exporting the network/subnet in the firewall as a variable named $NET#, 
where # is a number between 0 and 9 and represents the network#. This allows 
for very specific firewall rules to be placed in any rc_? script easily.

64K free on the floppy.


############################# Changes in v0.3.6 #############################
Sep 07 2006

Repaired comma syntax in the setup.

Repaired routing problem to PPPoE modems when the "route" option is enabled 
so that direct access to the modem control page is allowed for all trusted 
internal networks. This means that setting a single network as untrusted 
removes that network's access to the modem's control panel even when the 
route is enabled.

Repaired "pppmon" to function correctly, also integrated it into the "rc_net" 
script so that the entire network is not restarted when it is called from 
pppmon and it only kills the "pppd" process. This also keeps all of the 
network statistics intact for all of the interfaces. The "rc_net" has also 
been changed so that it does not kill the "pppmon" process when it shuts down 
when called from "pppmon". Changed the timeouts in "pppmon" so that "pppd" 
has control over most connection issues except when it is unable to recover 
the connection itself. Added an lcp-echo-interval and lcp-echo-failure time 
limit into the "pppd" options for PPPoE connections. The new integration and 
changes should make ethernet PPP connections much more stable as well as 
reliable even on systems with less than reliable service.

Repaired -b flag error in the "pkg" script when installing a ram disk 
package.

Repaired the WLDC= variable in the dyndns script so that wildcard=on can be 
enabled through the client. Also repaired a small bug in the dyndns script 
which caused an error the first time it is ran. Some scripting changes to 
reduce the total script size.

Repaired the web server to execute CGI scripts when user web pages are 
disabled. This repair adds a new flag to "thttpd", the -W command line flag 
now has control over enabling user web pages. Thanks to justdave for the code 
changes.

Repaired the "userdel" script to delete FTP users rather than reporting the 
user does not exist.

Changed the default IP and network range for all Ethernet PPP connections as 
well as added a modem IP section into the setup anytime an Ethernet PPP 
connection is enabled with the "add route" option. This is due to larger 
numbers of modems defaulting to the 192.168.0.1/24 IP/subnet from the 
factory.

Changed the update file for the dyndns client so that it uses a separate file 
for storing current update information. This resolves a problem if the 
machine runs out of disk space and cannot store the update information. The 
primary configuration hard copy for the dyndns client is still intact; the 
update information is current in the ram disk but lost from being stored 
permanently. The client is still usable from within the ram disk and can be 
used by the system until a reboot which would reset the update information 
when there is no disk space available for permanent storage of the data.

Changed the "ip-up" and "ip-down" into a single script to reduce code as well 
as some minor changes to integrate "pppmon".

Changed the way modules are loaded in "rc_boot" which increases boot speed on 
all routers with PCI network cards and will not decrease it for ISA cards.

Changed the "useradd" script to show the category a user is in rather than 
all users in one category.

Added the /pkg/bin directory back onto the floppy to resolve problems with 
some packages that need the directory.

Added DHCP client support for network #0 when running as a dial-up or leased 
line router.

Added an option into the setup to enable or disable port forwarding 
completely rather than having to remove the port forwarding entries in the 
configuration file.

Added a safety check into the setup so that when using "q"(quit), if there 
has actually been any changes to the configuration you are prompted and told 
there have been changes and gives the option to save the changes or not. This 
prevents forgetting you changed something and makes the setup more reliable 
especially in the first time setup mode.

Added an animated penguin into the boot logo screen. Definitely not a 
critical addition, but it looks pretty neat and as long as space constraints 
don't get to high it will stay.

Added the "nice" binary to reduce CPU usage for scripts that would normally 
use 99% when they are activated. This is primarily used for the clock screen 
saver but it is also used when "pppmon" is running. It also can be used for 
any client applications when CPU usage is too high or you just want to reduce 
that application's CPU usage in general.

Added a clock screen saver, the new clock has both 12 and 24 hour display 
options in the advanced "savers" section of the setup.

Added a "shutdown)" option into the /rc/rc_user script. This addresses 
problems when mounting another drive or partition in the boot) section and 
provides a location for unmounting it. As with the boot) option being the 
first thing that is executed at startup, the shutdown) section is the last 
thing executed at shutdown time.

Added the "usleep" binary so that specific wait times can be timed in 
milliseconds instead of just seconds.

56K free on the floppy.


############################# Changes in v0.3.7 #############################
Mar 09 2007

Removed /etc/mtab support because this information is duplicated in 
/proc/mounts.

Repaired the long delay when shutting down when the send logs is enabled and 
there is no email server available. Thanks to Dingetje for creating the new 
smtpchk binary and making this possible.

Repaired the firewall so that VPN packages can use encryption. This 
specifically relates to the PoPToP package. This repair should also resolve 
problems with Internet phone services. If you run the PoPToP package you 
should upgrade to poptop-1.1.3i-lightning to be compatible with 0.3.7.

Repaired the long-standing problem of the login timeout when running in setup 
mode or during the first time boot procedure. The flying penguin screen saver 
is also automatically activated in this mode with two minutes of keyboard 
inactivity and "ile" command line history is also loaded.

Repaired the date problem in the "smtpclient" email header.

Repaired the "dyndns" client to update correctly the first fifteen days of the
year rather than every day the first fifteen days.

Repaired a problem with "rmlogs" when dealing with cross yearly logs that
caused all logs to be removed when matching the previous year.

Repaired a long standing bug in the "pkg" command when mis typing a package
name or URL, there would be a random number of different errors without a clear
statement of the problem.

Repaired a bug in the control panel un-ban  function that did not allow the use
of spaces and reporting entries as being removed when they did not exist.

Repaired a visual bug in the rmlogs script that allowed it to run a floppy or
ramdisk installs when no logs are present and an error message was produced.

Repaired bug in the control panel that prevented the use of commas when matching
entries for removal in port forwarding.

Repaired a bug in the setup that caused the DNS servers to show as not being
changed when running an Ethernet router with DHCP enabled and not using DHCP
to set the DNS servers.

Changed "busybox" from version 0.26 to 0.60.5 with a lot of changes to the
source code to a revision of 0.60.5f. Thanks to justdave for a number of
repairs and changes to the code. There have also been a lot of changes to
keep backward compatibility and additional source code for enhanced new
features.

Changed the "runchk" script to use the "pidof" binary instead of checking the
/proc directory for running processes so it runs more efficiently.

Changed the "killall" script to use the "pidof" binary instead of checking 
the /proc directory for running processes so it runs more efficiently.

Changed the "cp" binary to now support recursive copies with the -R flag.

Changed the initial animated boot logo to provide a much smoother animation 
and "lightning" ;-)

Changed all of the saver times into minutes rather than each function being 
in a different time format.
 
Changed "init" to run as control for the login ttys instead of a daemon 
agetty shell.

Changed the shutdown process to use a single script ("rc_stop") during 
shutdown as well as an extra option when un-mounting the drive so that a 
primary ext2 partition can be remounted read-only if it is unable to unmount.

Changed the "touch" binary so it now creates files if they don't exist.

Changed "umount" which repairs a bug when unmounting drives or loop devices 
multiple times so that devices are released.

Changed the "klogd" binary so that time zones can be used and kernel logs are 
displayed with the correct time zone offset.

Changed the "mv2hd" command so that multiple backups can be created or 
restored using different backup names. There is also a test so that previous 
backups will not be over written with new backups unless the user wants to 
overwrite it.

Changed the "shell" boot mode to now require a user-name and password. "ile" 
is also automatically loaded for command line history. This is a less 
convenient method but it does add a lot to the system with regards to 
security for systems that might be in a compromised environment.

Changed the control panel so services that are disabled in the setup are 
shown as being disabled, and their control functions are removed.

Changed the advanced network setup auto configure option to now have a 
disable option for the DHCP pool.

Changed "uptime" from a script to a binary so that it now can use the time 
zone file and shows uptime accurately with the new time zone feature.

Changed the "ls" command to now sort in alphabetical order as well as some 
color enhancements for directories and symlink directories to show the 
difference.

Changed "synctime" to now show its output on the command line as well as in 
the logs. There is also a test at boot time to restart the firewall after it 
has synchronized the correct time if there are any time restrictions in the 
restrict.cfg

Changed the control panel so that ALL colors and fonts can be changed in the 
style.css file.

Changed "ping" so it now returns an exit code of 1 if the ping fails.

Changed the report.txt format from line feeds to line feeds and carriage
returns so that DOS/Windows machines can view them in the correct format.

Added the "echo" binary so it now supports the -e flag and supports all of 
the normal inline commands.

Added the "traceroute" binary to track routing problems.

Added the "cmp" binary to compare text files for differences.

Added the "pidof" binary to efficiently return the pid(s) of running 
programs.

Added a telnet client.

Added the ICMP patch to ipfwadm 2.3.0 so that ICMP packets can be masqueraded 
and reduced the code size.

Added uptime information such as the number of days the system has been up 
and the system load average into the initial control panel startup screen.

Added the flying penguin screen saver so that there is now two built in 
screen savers as well as an option to enable any type of third party screen 
saver that you have installed.

Added static and custom DNS support into the dynamic DNS client for 
dyndns.org users as well as domain-dns and loopia client support.
There is also a special new mode called "unsupported". This means that you can
create your own client command line for the update with unsupported services.
There has also been a rewrite of the dyndns script for a more modular design
which should be simpler to make modifications and add other features. Added a
smtp check so that if the mail server is not available an email of the current
IP is not sent when the option is enabled.

Added the "random" binary.

Added the "gunzip" binary.

Added disabling web control panel add-ons when disabling a package in the 
advanced package setup.

Added an option into the firewall so that symmetric masquerading can be done 
on internal networks the same as Internet traffic is done. This feature is 
actually the way the internal network worked in previous versions of FREESCO 
v0.3.4 and less. This option can be enabled by using an "s" flag when 
enabling the firewall.

Added time zone capabilities. Included in the modules-037.zip are all of the 
available time zone files. All that is required is to copy the correct time 
zone file for your region to the floppy in the a:\router\tmz directory and 
FREESCO can automatically adjust for daylight savings time. If disk space is 
very limited you optionally can still use the old method of manually setting 
the UTC time offset in the setup and manually adjusting it for daylight 
savings twice a year.

Added an option to check a URL for patches as well as install them in the 
advanced setup package menu. The default is set to www.freesco.org, but there 
is an option to change it if necessary.

Added "nslookup" to lookup names and IP addresses.

Added a new directory to the floppy. The directory is a:\router\cpc and it is 
used for making permanent changes to the web control panel. This is primarily 
intended for color changes and for adding images as well as other 
enhancements or changes to the control panel login page, but it can be used 
for much more complex changes to the control panel as well.

Added authentication to the SMTP client so that if a users email server 
requires authentication to email the logs, report.txt, or external IP the 
client will still work. Thanks to Antoine Megens a.k.a Dingetje for adding 
this to the smtpclient.

Added ISP dial-up connection statistics. This separates connection time, 
bytes sent, and bytes received for each ISP account on a monthly basis. This 
is a control panel item as well as a command line item with "ispstats".

Added RAS user connection statistics. Time, bytes sent, and bytes received 
are shown for each RAS user as a monthly total. This is a control panel item 
as well as a command line item with "rasstats".

Added the "setleds" binary.

Added turning NumLock on by default at boot time and an option in the advanced
extra settings menu to disable this feature if the behavior is not wanted.

Added a link monitor that turns the keyboard caps lock LED on when an 
Internet connection is up on ethernet PPP and dialup routers and off when 
the connection is down.

Added an editor option to choose the system editor in the advanced setup. This
option is by default set to /bin/edt, but it can be changed to any other editor
you have installed.

Added an image to the control panel login along with a completely new color
scheme and additional items in the default style.css file.

Added an option to activate and preview screen savers in the primary and
advanced setup when the screen saver is enabled. Added a warning and code to
prevent the screen saver from activating when any keyboard LED application is
active.

Added an SFTP server.

Added an option in the advanced package menu to install the Official ext2
package from the default patch/ext2 URL.

Added a configuration option for internal Oidentd clients that are masqueraded
through the firewall when enabling the Ident server.

Added new event sounds for internal DHCP leases, external PPP connection down,
failed ISP DHCP leases, and firewall logged hits.

Added sound samples to the advanced setup when diagnostic beeps are enabled so
that each sound is played with a text description of the event.

50K free on the floppy disk.

############################# Changes in v0.3.8 #############################
12/07/2007

Repaired editing the oidentd configuration from within the setup.

Repaired system boot log time anomalies when using a timezone rather than a
static time offset so that all log entries are using the same time offset.

Repaired the first time boot ringtone tune.

Repaired the "memory fault" problem when the system is loading modules at boot
time and using uncompressed modules in the "drv" directory. This involved
repairing the exit code for the zcat binary when trying to uncompress a non
compressed file.

Repaired the system so that when the utils package is installed the "who"
command shows the proper users logged onto the system. This required updating
"agetty" to version 1.91b so the utmp and wtmp files are updated correctly.

Repaired a bug in the dyndns update script that caused the IP to be emailed
every time the client was ran rather than just when the IP address changed
when the email external IP address option was enabled. This bug also caused the
primary dyndns client not to continue trying to update the server when it was
also enabled and it failed to update correctly the first time. The new client
will only send an email if the IP address changes or the -f force command is
used and does not send emails due to the standard fifteen day dyndns client
update process.

Repaired the backup command to include the .htaccess file onto the backup
floppy so that control panel passwords are included in the backup.

Repaired the disk unmounting problem when running on a hard drive and running
packages that replace some of the system libraries.

Repaired a bug in the arpmon script that caused the script not to function
correctly.

Repaired a bug in the mgetty script that caused the silent modem negotiation not
to function for dialin users.

Repaired the rc_ras so that the ms-wins entry is removed when there is no local
or remote WINS server.

Repaired bug in the hard drive sleep timeout when the drive sleep timeout is set
above 20 minutes. This bug is due to the peculiar way that hdparm uses timeout
values. Times above 20 minutes are only available in 30 minute blocks up to 5.5
hours. In previous versions of FREESCO this value was not interpreted
differently for these values which caused the value sent to hdparm to be
completely wrong and in all cases failure of the hard drive timeout.

Repaired a color brightness problem when changing modes so that the shut down
processes are standard and all of the start processes are brightened.

Repaired the ping binary to display an error when a URL is unresolvable.

Repaired the reformatting of the swap file at each boot which caused an extra
delay in the boot process.

Changed setup mode to not run on tty2 so it is capable of performing other
shell operations if needed when running in setup mode.

Changed the sftp server binary to be included into the Dropbear multi-call
binary to increase disk space. Thanks to justdave for his efforts modifying the
source code.

Changed the secure proc option in the kernel to allow the oident server to
function more effectively.

Changed the rc_masq script to run more efficiently when the firewall is
disabled and to try and stop "Terminated" from being shown on the boot screen
on some systems during startup.

Changed the "restrict ramdisk to 4MB" option to be a manual control option for
the ramdisk size. This means you can manually choose the size of ramdisk the
system installs and override the automatic selection of ramdisk size.

Changed passwd, chat, shapecfg, brcfg, htpasswd, ipfwadm, freetime, setserial,
clock, ipportfw, ipautofw, ipcalc, nice, and ipfwd from stand alone binaries
into part of the busybox binary to gain disk space.

Changed the passwd binary so that mis typed passwords exit with an exit code
of 1 rather than always exiting with 0 regardless.

Changed the password functions built into the system to continue asking for
a password until the password is typed correctly twice. This avoids even the
possibility of not actually changing the password due to mis typing it.

Changed the "smtpchk" binary source code created by Dingetje into the
"serverchk" binary. Which is capable of testing most servers on any port for
connectivity. This binary has an exit code of 0 if the port is active and 1 if
the port is non responsive.

Changed the location of the license.txt from the root directory on floppy
installs and the c:\router directory on hard drive installs to always be in
the root directory of FREESCO when it is running. This changes the file from a
standard removable file to be inside the ramdisk which is always available for
viewing when FREESCO is running.

Changed rc_pfwd so it will not allow ports above 48712 to be forwarded which
interfere with the NAT/firewall and cause system network problems.

Changed the top output format so that it looks better with a full screen width
white bar to delineate the fields and two more lines of process information.

Changed the "update" binary to always be started regardless of the hard drive
sleep timeout rather than just when the timeout is set to zero. This will help
prevent data loss due to an unexpected shutdown or power failure.

Added an option into the manual ramdisk control to load a special sized ramdisk
into the system at boot time. Multiple ramdisks of various sizes are provided
in the addons-038.zip ranging from 32MB to 128MB which can be copied to the
floppy or hard drive install in the root directory where the "kernel" is located
and then configured within the advanced ramdisk manual control section of the
setup options #19, #191, and #192. For these ramdisks which are larger than 16MB
this also requires some extra manual configuration of the ramdisk.bat or the
lilo.conf file on ext2 installs to change the "ramdisk_size=16384" option.

Added an option in the advanced setup extra options to change the control panel
frame sizes.

Added an option into Dropbear(SSH) so that it is capable of binding to a single
IP address:port rather than listening on all interfaces on a port. This means
the server is capable of only listening to one IP:Port on a multiple interface
machines. IP:Port as well as Port statements can be mixed and matched as needed
up to 20 instances in the additional parameters option. This also means that the
server can be ran in "y" mode so there is no firewall rule for the external port
and then enabled to only listen on the internal interface and still be
externally secure as well as undetectable to even a port scan of a blocked port.

Added an option to enable diagnostic beeps and system sounds at specific times
of the day. Also added the "-f" flag to the play command which will play tunes
even when outside the range set for system sounds. During the time sounds are
disabled the sound is logged into the log messages file.

Added a "rc_user ram" section that runs just after the ramdisk is loaded to give
ramdisk users more control over the system.

Added a kernel patch to allow FREESCO to mount newer ext2 file systems with a
higher inode density and removes the requirement that all ext2 hard drives have
to be formatted using a lib5 system. This patch also increases file handlers
across the system. 

Added a kernel patch to support hard drives up to 2TB. There is also dma support
for OPTI, NVIDIA pata, and NVIDIA sata when the triton disk controller option is
enabled on third party kernels. Thanks to justdave for his new kernel patch.

Added IPSEC to the default kernel configuration. This allows the use of
multiple VPN connections through FREESCO that require this extended protocol.

Added the ipfwd binary for protocol forwarding. This gives FREESCO the ability
to forward protocol 47 (GRE) to an internal VPN server.

Added a check into the advanced package setup so that the installation of
the ext2 package is only shown and enabled when running from a floppy.

Added a port option to all of the ban and allow options in the restrict.cfg so
that specific ports can be included or excluded from banned or allowed IP's
along with the time and day values if needed.

Added a 2MB ramdisk into the system so that systems running only 16MB of
ram can now run the "read disk only once" option. This also allows for the 
manual ramdisk control to be configured with a smaller ramdisk.

Added the "printout" command which is a full featured text file converter that
will print text files to a connected printer. This script corrects the standard
stair stepping problem and it has many custom print features such as landscape,
header file name, page numbering, print job separator page, date stamping, page
print range, and print preview capabilities.

Added the wc binary for file line, word, bytes, and longest line counts.

Added the dropbearconvert binary so that Dropbear and Openssh private keys can
be converted to the desired format for use on other client OS's.

Added an option to create the /home/root/.ssh/authorized_keys file and add an
entry for the generated client private keys when the SSH server is enabled. This
option is also presented when new normal users are created with a home directory.

Added a new feature to run the e2fsck binary when running on a ext2 hard drive
install. This feature performs a disk check to correct problems if the drive was
not unmounted properly.
(Welcome back to being punished for just turning the power off ;-)

Added the "tune2fs" and "dumpe2fs" binaries into the ext2 package to be able to
control the default behavior of the file system. Also added a new option to
the package which is "rc_ext2 disk-scan" which makes it possible to scan the
hard drive for errors at any time without the need to reboot the system.
 
Added the -A flag to the smtpclient binary which extends the header and makes it
possible to attach files. Thanks to justdave for this feature.

Added the -c flag to the tar binary so that "tar" can create tar archives. Also
changed the tar binary so that PATH/filenames can be longer than 100 characters.
Thanks to justdave for modifying the source code and making this possible.

Added mini_sendmail with a symbolic link to /bin/sendmail so that command line
users who are accustomed to using sendmail as well as web applications can have
remote client mailing capabilities without the need to install a mail server.

Added the "which" command to determine which binary the system is using for any
specific command and or where it is located in the PATH.

Added "ae" (allow external IP) and "aep" (allow external IP port) to the
restrict.cfg so that external control can be as specific as the internal
control.

Added a "Server monitor" option number 54 into the advanced setup. This option
can monitor the ftp, ssh, dns, http, lpd, and ident servers for connectivity.
This is done by checking the server port for a response rather than just
checking to see if the server is running. If the server fails for any reason
then the server is restarted automatically when the monitor is enabled for that
server. The time interval for the test frequency can also be set in minutes.
NOTE: Each test cycle does put an entry for the ftp and ssh server for a
      failed login attempt into the log and when any server is restarted due
      to failure. So you can expect a lot of log entries when this is enabled
      on the ftp and ssh servers.

Added a "print test page" option into the primary printer configuration options
when enabling the print server in the setup. This option appears for each
defined printer and prints a FREESCO logo with the "printout" command help page.

Added a file listing of the drv directory that is included in the report.txt to
help diagnose system problems during support questions.

Added the cip (computing in progress) command, this command places a spinning
character on the screen so operations that take some time to execute don't
appear to have locked the machine up.

Added a new script named "email". This script is used to email specific
information about the system to either a specific email address which can be
specified on the command line or if omitted it sends the information to the
default defined email address. The flags for this script are:

email [-messages] [-secure] [-infolog] [-report] [-netinfo] [user@domain]

All or just one flag can be used on a single command entry. This script is the
replacement for the previous "sendlogs" script which had limitations on what
information it could send via email.

Added an extra log file "/var/infolog" and the displayed information for this
file is on tty5. This means that the old network and top information that was on
tty5 and tty6 has been moved up one screen so that they are now on ty6 and
tty7. What this does is to separate all of the information only logs from more
important kernel and higher priority logs on tty3 and in the messages file. This
also still keeps the login logs in the secure file on tty4 separate as well.
This new feature is intended to make seeing important information easier.

Added the "System.map" file in the zip file so that extended kernel information
can be displayed. This file requires a hard drive install and the use of the
default kernel. Third party kernels and ALL other official kernels REQUIRE
their own "System.map" file. Which this file has not been provided with all of
the previous kernels, but will be included with all future kernels. To enable
this new feature just copy the "System.map" file to the same directory as the
kernel in the /boot directory and make certain the file name is capitalized the
same as stated.

Added entries into the /etc/syslog.conf so that logs entries are no longer
duplicated in the various log files and screens.

Added a new logon sceen.

59K free on the floppy.