fwsnort-0.6.5 (03/20/2005):
    - Updated to not attempt to download Snort rules from snort.org
      because the rules are no longer available for automatic downloads
    - Changed the install.pl script and the --update-rules mode for
      fwsnort to download the latest signature set from
      http://www.bleedingsnort.com/.
      (Snort.org is now offering pay-service around their rule sets).
    - Added signature test for the "flowbits" keyword.

fwsnort-0.6.4 (12/18/2004):
    - Updated to Snort-2.3 rules.  FWSnort can convert a total of 1710
      out of 2559 total Snort-2.3 rules.
    - Updated to new Snort rules download link for --update-rules mode:
      http://www.snort.org/dl/rules/snortrules-snapshot-CURRENT.tar.gz
    - Updated to standard [+], [-], and [*] prefixes for info, warning
      and die logging messages.
    - Added --replace-string patches.

fwsnort-0.6.3 (04/04/2004):
    - Added ignore functionality for both IPs and networks
    - Split --ipt-block into --ipt-drop and --ipt-reject to add DROP
      or REJECT rules respectively.
    - Added --add-deleted option to allow rules in the "deleted.rules"
      file to be added.

fwsnort-0.6.2 (03/19/2004):
    - Added --internal-net and --dmz-net options so that internal and
      dmz networks can be manually specified without having to parse
      the output of ifconfig.  This is most useful for running fwsnort
      on a linux system that is acting as a bridge where no ip addresses
      are assigned to the interfaces.
    - Bugfix for missing icmp-port-unreachable rejects for UDP packets.

fwsnort-0.6.1 (02/01/2004):
    - Bugfix for not adding dmz interface rules to INPUT chain.
    - Bugfix for not getting the DMZ interface network.

fwsnort-0.6 (01/04/2004):
    - Speed increase and disk access decrease by writing iptables
      commands to the iptables script only after all lines have been
      generated.
    - Bugfix for DMZ interface.
    - Bugfix for multiple ip_proto fields.
    - Removed the ip protocol as an allowed protocol for translation.
    - Bugfix for negated port numbers.
    - Removed "<-" rule direction since not even snort supports this.
    - Fixed snort rule updates from snort.org.

fwsnort-0.5 (12/21/2003):
    - Added "-j REJECT --reject-with tcp-reset" for tcp sessions
      if the --ipt-block option is specified.
    - Added ability to download latest snort rules from snort.org.
    - Added --no-ipt-jumps.
    - Added better checking for iptables build characteristics such
      as the LOG target and wether or not the ipv4options extension
      is compiled in.
    - Added config preservation code from psad in install.pl.
