          <<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>
           * * *   Release notes for Xymon 4.3.17   * * *
          <<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>


This documents the important changes between Xymon releases, i.e.
changes you should be aware of when upgrading.

For a full list of changes and enhancements, please see the 
Changes file.


Changes for 4.3.15 - 4.3.17
===========================
No significant changes.


Changes for 4.3.14
==================
In previous Xymon versions, a client-only configuration (i.e. one
configured with "./configure --client") would place the client
files in a "client" subdirectory below the directory specified 
during configuration. This is the same directory layout as a server 
installation, where the server and client parts of Xymon are
in separate subdirectories.
In 4.3.14, the default has changed so a client-only installation
now installs in the directory given during the configure-step.
The "/client" has been eliminated, so if you are upgrading an
existing client you must either move the old client installation
one level up from the "client/" directory, or change the Makefile
generated by "configure --client" and add "/client" to the 
XYMONTOPDIR setting.

The SNI support added in 4.3.13 causes problems with some older
webservers, whose SSL implementation cannot handshake correctly
when SNI is used. The failed handshake causes Xymon to report
the site as down. In 4.3.14, the default is changed so SNI is
disabled. A new "--sni" option was added to xymonnet to control the
default setting, and two new tags "sni" and "nosni" can be used in 
hosts.cfg to control SNI for each host that is tested.


Changes for 4.3.13
==================
This is mostly a bugfix release. Apart from simple bugs (see
the Changes file), there are some enhancements:

Alerts sent via e-mail have <CR><NL> line-endings converted
to plain <NL>, since the carriage-return characters would
cause some mailers to send alerts as a (binary) attachment
to an empty mail message.

https-URL's can be forced to use TLS only, by using 
"httpst://..." similar to how SSLv2 and SSLv3 can be chosen.

SSL connections (e.g. for https URL's) now use the TLS 
"Server Name Indication" (SNI) if your OpenSSL library 
supports it. This allows testing of systems that have 
multiple SSL websites located on the same physical IP+port 
(i.e. virtual name-based hosts).


Changes for 4.3.12
==================
NOTE: This release includes a bugfix for a security issue
in the xymond_history and xymond_rrd modules. A "drophost"
command sent to the xymond port (default: 1984) from an IP
listed in the --admin-senders access control list can be
used to delete files owned by the user running the xymond 
daemon. This is allowed by default, so it is highly recommended
to install this update.


Changes for 4.3.2 - 4.3.11
==========================
See the Changes file for a list of significant changes.
These releases are mostly to fix bugs.

NOTE: Some configuration parameters have changed, so you must 
regenerate the top-level Makefile by running the "configure" 
script before compiling the new version.

The inode-check introduced in 4.3.8 and 4.3.10 requires
that you update both the Xymon server installation and the
Xymon client on the systems where you want to monitor how
many inodes are being used.


Changes for 4.3.1
==================
This is a SECURITY BUG FIX release, resolving a number of 
potential cross-site scripting vulnerabilities in the Xymon 
web interface.

Thanks to David Ferrest who reported these to me.


Changes for 4.3.0
==================
IMPORTANT: Most files and internals in Xymon have been renamed
with the 4.3.0-beta3 release. If you are upgrading from a
version prior to 4.3.0-beta3, you MUST read the file 
docs/upgrade-to-430.txt and make sure you follow the steps
outlined here. That also applies if you are upgrading from
4.3.0-beta2.

Xymon 4.3.0 is the first release with new features after 
the 4.2.0 release. Several large changes have been made
throughout the entire codebase. Some highlights (see
the Changes file for a longer list):

* Data going into graphs can now be used to alter a status,
  e.g. to trigger an alert from the response time of a network
  service.
* Tasks in xymonlaunch can be be configured to run at specific
  time of day using a cron-style syntax for when they must run.
* Worker modules (RRD, client-data parsers etc) can operate on
  remote hosts from the xymond daemon, for load-sharing.
* Support for defining holidays as non-working days in alerts and
  SLA calculations.
* Hosts which appear on multiple pages in the web display can
  use any page they are on in the alerting rules and elsewhere.
* Various new network tests: SOAP-over-HTTP, HTTP tests with
  session cookies, SSL minimum encryption strength test.
* New "compact" status display can group multiple statuses into
  one on the webpage display.
* Configurable periods for graphs on the trends page.
* RRD files can be configured to maintain more data and/or
  different data (e.g. MAX/MIN values)
* SLA calculations now include the number of outages in addition
  to the down-time.
* Solaris client now uses "swap -l" to determine swap-space
  usage, which gives very different results from the previous
  "swap -s" data. So your Solaris hosts will appear to change
  swap-utilisation when the Xymon client is upgraded.

TRACKMAX feature removed
------------------------
For users of the TRACKMAX feature present in 4.2.2 and
later 4.2.x releases: This feature has been dropped. Instead,
you should add a definition for the tests that you want to track
max-values for to the rrddefinitions.cfg file. E.g. to
track max-values for the "mytest" status column:

[mytest]
	RRA:MAX:0.5:1:576
	RRA:MAX:0.5:6:576
	RRA:MAX:0.5:24:576
	RRA:MAX:0.5:288:576


Changed behaviour of http testing via proxy
-------------------------------------------
The Big Brother behaviour of allowing you to specify an http 
(web) proxy as part of the URL in a test has been disabled
by default, since it interferes with URL's that contain
another URL as part of the URL path. If you need the Big Brother
behaviour, add "--bb-proxy-syntax" to your invocations of 
bbtest-net.

BBGHOSTS setting removed
------------------------
Setting BBGHOSTS in the xymonserver.cfg file no longer has any
effect. Instead, you must use the "--ghosts" option for hobbitd.
The default ghost handling has also been changed from "ignore"
to "log".

xymonproxy: Alert support for Big Brother servers removed
---------------------------------------------------------
The xymonproxy tool no longer supports forwarding "page"
messages. This means that if you are forwarding messages
from an old Big Brother client to a Big Brother server
that is sending out alerts, then these alerts will be
dropped. Status updates will be forwarded, only alerts
triggered from the Big Brother server are affected.

Webpage menu: New menu code
---------------------------
The Javascript-based menu code ("Tigra") has been replaced
with a menu based on CSS/HTML4. This means that any menu
customization will have to be manually transferred to the
new menu definition file, ~xymon/server/etc/xymonmenu.cfg.
The new menu-system is known NOT to work with Internet
Explorer 6 (IE 7 and newer are fine). If you must have a
menu system that works with the ancient browsers, then the
old Tigra menu can be downloaded from
http://xymon.svn.sourceforge.net/viewvc/xymon/sandbox/tigramenu/?view=tar
together with instructions for using it with Xymon 4.3.0.

