-
Notifications
You must be signed in to change notification settings - Fork 4
/
CHANGES
162 lines (120 loc) · 6.54 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
[1.0.0 @ 2022-04-18]
- Initial release
[1.0.1 @ 2022-04-19]
- GCC fixes
[1.0.2 @ 2022-04-20]
- The translator now drops IGMP packets and allows ESP packets to pass through (as per RFC 7915)
- When translating IP packets "in error" embedded in ICMPv4/v6 messages, illegal IP addresses inside them are now
allowed (for debugging purposes)
[1.0.3 @ 2022-04-22]
- Improved the translation algorithms of ICMP "Packet Too Big" messages
- Added an algorithm to estimate a likely MTU ("plateau MTU"; as per RFC 1191) when translating ICMP "Packet Too Big"
messages
- Added code comments which describe the state the translator's packet buffers need to be in when a function accessing
them is called
- Other minor improvements
[1.0.4 @ 2022-04-23]
- Slightly optimized the RFC 1071 checksum calculation algorithm
[1.0.5 @ 2022-04-23]
- The problematic strerror_r() function is no longer used by the program's logging subsystem
[1.0.6 @ 2022-04-25]
- Slightly optimized the RFC 1071 checksum calculation algorithm
- TUN interfaces are no longer initialized as multi-queue if Tundra is configured to have only one translator thread,
which significantly reduces memory usage
[1.1.0 @ 2022-04-27]
- Reworked the checksum calculation subsystem
- Checksums of TCP and UDP packets are now incrementally updated -> speed improvement
[1.1.1 @ 2022-04-28]
- Reorganized some parts of the program's code
[1.1.2 @ 2022-05-02]
- TCP/UDP checksums within fragmented TCP/UDP packets are now incrementally recalculated, allowing them to pass through
the translator without being "damaged" by it
[1.1.3 @ 2022-05-09]
- Added a note to Tundra's '--help' that the program's configuration may be loaded from standard input
- The program does not check if lines in the configuration file are too long anymore, as the check made it impossible
to load config files not ending with a new-line character
[2.0.0 @ 2022-05-10]
- Tundra can now act as a CLAT translator
- Changed size_t to ssize_t in relevant places
[2.1.0 @ 2022-05-16]
- Redesigned the routines which handle the translation of IPv4/v6 packets "in error" contained within ICMPv4/v6 error
messages
- Fragmented IPv4/v6 packets "in error" contained within ICMPv4/v6 error messages can now be translated
- IPv4/v6 packets "in error" contained within ICMPv4/v6 error messages whose payload is an (partial) ICMPv4/v6 Echo
Request/Echo Reply message can now be translated
- Other minor improvements
[2.1.1 @ 2022-05-16]
- Replaced "NAT64" with "NAT64/CLAT" in Tundra's '--help'
[2.1.2 @ 2022-05-30]
- Fragmentation handling improvements
[2.1.3 @ 2022-06-01]
- IPv4 fragmentation handling improvements
[3.0.0 @ 2022-07-19]
- Completely redesigned the program's IP address translation routines
- Tundra can now act as a plain SIIT translator
[3.0.1 @ 2022-07-19]
- Due to performance reasons, IP address translation functions are no longer called indirectly via function pointers
[3.0.2 @ 2022-07-20]
- Replaced the redundant 't64te_tundra__xlat_status' enum with 'bool'
[3.1.0 @ 2022-07-21]
- Added the ability to auto-discover translation prefixes using the well-known DNS name 'ipv4only.arpa.'
- In order for the program to automatically decide how many translator threads to use, the 'program.translator_threads'
configuration option should be left empty (previously, '0' was used for this purpose)
[4.0.0 @ 2022-07-26]
- Added the 'external' addressing mode, in which Tundra queries an external program for the translation of IP addresses
in packets
- Redesigned the "router subsystem"
- Other minor improvements
[4.1.0 @ 2022-07-27]
- Added the 'router.generated_packet_ttl' configuration option (in former versions, TTL/hop limit of generated packets
used to be configurable only at compile-time)
[4.1.1 @ 2022-07-27]
- Split 't64_utils_ip.*' to 't64_utils_ip.*' and 't64_utils_icmp.*'
[4.1.2 @ 2022-07-27]
- Fixed typing errors related to socket timeout intervals
[4.1.3 @ 2022-07-27]
- Added 'T64C_TUNDRA__MAX_ADDRESSING_EXTERNAL_CACHE_SIZE' to the output of the 'print-config' operation mode
[4.1.4 @ 2022-07-30]
- The program now ignores the 'SIGPIPE' signal
[4.1.5 @ 2022-07-30]
- Configuration from standard input can be now loaded by specifying '-' as the configuration file path
[4.1.6 @ 2022-12-03]
- The translator can now use non-blocking file descriptors to receive and send packets
[4.2.0 @ 2022-12-03]
- Added the 'io.tun.multi_queue' configuration option, making it possible to configure whether each translator thread
will be given its own TUN file descriptor or not
[4.3.0 @ 2022-12-04]
- Completely reworked signal handling, translator thread termination and packet I/O (receiving & sending)
- Vastly improved performance in case a single-queue TUN interface is used
- Removed the ability to use non-blocking file descriptors to receive and send packets
- Other minor improvements
[4.4.0 @ 2022-12-05]
- Removed the program's ability to perform chroot(), as it caused problems on certain distributions / in certain
configurations, while not providing much extra security
[4.4.1 @ 2022-12-06]
- Replaced gettid() with syscall(SYS_gettid), as the wrapper function is not available on some platforms, namely on
older versions of OpenWRT
[4.4.2 @ 2022-12-17]
- Code cleanup
[5.0.0 @ 2022-12-25]
- The entire translation engine has been rewritten from the ground up - it is now faster (zero-copy), more
memory-efficient and more secure, and its code is overall more readable and understandable
- Other minor improvements
[5.0.1 @ 2022-12-25]
- Inbound packets with the 'more fragments' bit set are now validated to have a payload whose size is a multiple of 8
[6.0.0 @ 2024-07-02]
- Updated the copyright year
- Removed the 'print-config' mode of operation, as it was practically useless and hard to maintain
- Improved naming throughout the whole program (files, functions, macros, ...) - most importantly, the 't64...' prefix
has been stripped from all names, and a lot of names were shortened
- Improved versioning - previously, Tundra's version has been specified (using a macro) directly in the 'tundra_defs.h'
header file, while now, the macro is defined by the build system, which gets the version from the 'VERSION' file
- Introduced a basic set of hardening compiler flags
- "Official" support for the Clang compiler has been discontinued
- Other minor changes and improvements
[6.0.1 @ 2024-07-22]
- Significantly extended the set of hardening compiler flags & performed related code changes
- Replaced the hash algorithm used by the IP address mapping cache of external addressing mode
- Other minor improvements
[6.0.2 @ 2024-07-22]
- Declared more functions as 'inline'