• - Updates will now track the release field as part of the version and in the -v output
• - Update to open port tracking system
• - Bugfix #XXX, ASL Web, Fixes scrollbar in connections window; removes presence check for stateful rule in firewall rules
• - Bugfix #XXX, disable --noflush on the running.fw settings
• - Feature request #853, return error if DAZUKO use is detected, and ASL kernel / modules are not present
• - Feature Request #857: Extend --permissions-check to all ASL config files and session dirs

To upgrade:
asl -u

or
yum upgrade asl asl-web asl-waf-module

Features:

•  Its fast. Real Fast.
•  Inbound TCP services list (FW_INBOUND_TCP_SERVICES)
•  Inbound UDP services list (FW_INBOUND_UDP_SERVICES)
•  Outbound TCP services list (FW_OUTPUT_TCP_SERVICES)
•  Outbound UDP services list (FW_OUTPUT_UDP_SERVICES)
•  Dshield, Lasso, and TOR blacklists (FW_DSHIELD, FW_LASSO, FW_TOR)
•  Faster (real fast!) loading of existing blacklist/geo-blacklist sets
•  User ID limited firewall rules for SMTP traffic from the ACL list /etc/asl/firewall/mta-output-acl. When enabled, only users on this list will be able to connect to external mail servers, preventing untrusted web users from bypassing the internal MTA through the use of spam bots.
•  Tortixd ACL list (/etc/asl/firewall/tortixd-access-list), when enabled this is a list of IP's allowed to connect to the ASL Web interface
•  Support for user defined rules through ASL Web
•  All rules are moved to named ASL- chains.

As a beta component, new features introduced the ASL Fast-Mode firewall are disabled by default. Existing components from the legacy ASL firewall such as the geo-blacklist will take advantage of the new fast-mode loading capabilities with no additional configuration required. While we took pains to make the ASL Fast-mode firewall compatible with other rule management interfaces, we recommend removing or otherwise disabling other firewall management systems.

Changelog:

•  Add Fast-Mode firewall system
•  Add New monitoring capabilities added: load, diskspace and listeners
•  Update, T-WAF, force fix mode if tortix_waf.conf is not detected
•  Update, ASL Web, firewall rule changes are saved across reboots
•  Update, Configuration, mysql administrator username defaults to "root"
•  Update, File integrity, add aqueduct directories to ignores
•  Feature Request #628, Add MTA firewall rule group (/etc/asl/firewall/mta-output-acl)
•  Bugfix #XXX, ASL Web, Fixes issues with rule edit in firewall window
•  Bugfix #XXX, firewall, detect /proc based controls more accurately
•  Bugfix #XXX, add more redundancy to waf/tortix proxy configs. This will now purge old versions when configs are blank, in addition to linting configs when they are not blank
•  Bugfix #XXX, only write to file if $waf_redirect has something in it
•  Bugfix #XXX, ssh_check, fix for enabling password auth when ADMIN users are not defined
•  Bugfix #XXX, asl-firstboot, fix path for asl-firstboot's network info file, and add in a post-success cleanup event

To Upgrade:
asl -u

or
yum upgrade asl asl-web asl-waf-module