-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathChangeLog
134 lines (120 loc) · 6.26 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
# ------------------------------------------------------------
# cawk is subjet to a MIT open-source licence
# please refer to the MIT licence file for further information
# ------------------------------------------------------------
# cawk is Copyright (C) 2024-2025 by Cedric Llorens
# ------------------------------------------------------------
v2.1.0 (january 2025): enforce a stabilized version of the v2.0.0 release train
- update date 2024-2025 in cawk root directory
- change checkdiff output generated by <gmake check> to be compliant with all linux/unix systems (default sort output may differ from os to os)
- add <.gitkeep> in all empty cawk directories to avoid that empty directories are not pushed in github
- enforce that the <run> repository is a full copy of the <repo> repository
- add a new target gicheckdist (implement counter-measures checks) in cawk Makefile to avoid deployment errors before github push
- optimize the cawk root Makefile for future supplier os deployment
- provide the procedure to submit a pull request
v2.0.1 (december 2024): add .gitkeep reports/repo and reports/run as not pushed in github
v2.0.0 (november 2024): this is a major update with new usage of building <AUDIT-NAME> assessments
Common:
- add <number_of_pass_error> in the summary report
- review the output of the <gmake> command at cawk root directory (provide full help on the cawk gmake targets)
Makefile:
- review the Makefile parts
- use of variables to point out all cawk core directories
- able to create/delete/list an assessment based on an <AUDIT_NAME> thanks to new cawk targets :
- gmake create_audit audit=AUDIT_NAME
- gmake delete_audit audit=AUDIT_NAME
- gmake list_audit
You may refer to README for further information and the number of assessments that can be built is limited by system resources
Directories:
- confs, tests, exceptions and reports directories setup have been reviewed and organized on the same design
Tests:
- add new tests for cisco-ios, cisco-cedge, cisco-viptela, nokia-sros, paloalto-panos, huawei-vrp, fortinet-fortios, juniper-junos
v1.9.0 (october 2024):
Common:
- fix a small bug (Makefile - gmake catalog)
- add a new target : gmake common to provide the list of functions available in the common directory for tests
Tests:
- add new tests for cisco-ios, cisco-cedge, cisco-viptela, nokia-sros, paloalto-panos, huawei-vrp, fortinet-fortios, juniper-junos
- review the paloalto-panos conf (add <deviceconfig> block) and update the tests accordingly
v1.8.0 (august 2024):
Common:
- fix some little bugs or bad ouputs of the Makefile
- include m4 preprocessing of exceptions to include later friendly m4 functions
- a test can has <.template> suffix and <.m4> suffix, for <.m4> a preprocessing
is performed by m4 functions available in the cawk m4 directory. m4 allows to
define predefined templates of tests managing configuration block hierarchy
automatically
Tests:
- add a new supplier : cisco-cedge
- add new tests for cisco-ios, cisco-cedge, cisco-viptela (tests with *.m4 extension)
v1.7.0 (june 2024):
Common:
- build exceptions directory with empty exception files per supplier
- update Makefile to build for each assessment an exception report
Tests:
- Run and fix bugs on all suppliers tests
v1.6.0 (june 2024):
Common:
- migrate the fw rules assessment library in common directory
- add the <research> as supplier target for development purpose
- add a new risk level = info for audit purpose
- update reporting to take into consideration the new risk level info and sort the list of tests
Tests:
- add new tests checking cisco-ios simple acl with risk level info and add other tests
- add new tests checking huawei-vrp acl (partially done) with risk level info and add other tests
- add ntp tests for cisco-ios,juniper-junos,huawei-vrp,cisco-viptela and nokia-sros
v1.5.0 (may 2024):
Common:
- add new Makefile target <view_error> to only view assessments errors
Tests:
- review all the tests and fix some bugs
For future release:
- work on firewall rules analysis in order to find redundant && inconsistent rules
- progress for cisco-ios scope
(i.e. research directory, only for dvt/test purpose)
v1.4.0 (april 2024):
Common:
- remove the init target in generated parallel Makefile built to avoid missing tests and silent mode
- enhance reporting with high, medium, low and review % computation with float
System:
- remove colors and add OK/NOK for gmake system (portability purpose)
Tests:
- add tests for cisco-ios,juniper-junos,huawei-vrp,cisco-viptela and nokia-sros
For future release:
- work on firewall rules analysis in order to find redundant && inconsistent rules
(i.e. research directory, only for dvt/test purpose)
v1.3.0 (march 2024):
Makefile:
- add Makefile.support.mk in order to set make options (i.e. cawk parallel mode)
- update Makefile to turn on cawk in parallel mode
- add a new <system> target to check if the system is ready to run cawk
Tests:
- add tests for all suppliers (fix some tests outputs / reporting)
- add cisco-viptela supplier
For next release:
- work on analysis firewall rules to find redundant && inconsistent rules
(research directory, only for dvt/test purpose)
v1.2.0 (march 2024):
Makefile:
- review catalog output and tests running output
Tests:
- update all tests purposes with similar syntax
- add tests for all suppliers
- add paloalto-panos supplier
For next release:
- work to generate a Makefile that can runned in parallel, enforcing stable system and managing write race conditions
(commmon/gen_cawk_makefile.gawk.template), it will be used for huge number of devices assessment
v1.1.0 (february 2024):
Makefile:
- add new suppliers for future tests and add os suffix for each scope
- add view per scope thanks to <supplier=> variable called with view target
gmake clean check_repo supplier=cisco-ios (or juniper-junos, etc.)
gmake clean check_run supplier=cisco-ios (or juniper-junos, etc.)
gmake view supplier=cisco-ios (or juniper-junos, etc.)
Tests:
- add tests in existing suppliers and configure a better writting approach for matching block
- add nokia-sros supplier
v1.0.0 (february 2024): initial version
- basis tests covering cisco-ios, huawei, fortiner, juniper-junos
- integrate a basic reporting
- fully automated by gmake