Always report UID:GID of a DIRWATCH file incase the user account owning a reported file no longer exists
Report error gracefully on CIDR->add failures and continue
Added “query (cache)” check to BIND flooding regex
Fix issue with killing Advanced Port blocks using the pipe separator
Update warning messages to include xt_owner with ipt_owner
Replace URL in Server Check for instructions on disabling IPv6
Fixed a bug in LF_CPANEL_ALERT ip address tracking
Added new option LF_CPANEL_ALERT_USERS to be used with LF_CPANEL_ALERT to alert for a specified list of WHM/cPanel account logins. See csf.conf for more information
Added new feature: Port Knocking. See csf.conf and readme.txt for more information on the PORTKNOCKING, PORTKNOCKING_LOG and PORTKNOCKING_ALERT options
Added new UI option: Quick Ignore, for IP addresses
Added Server Check report check that klogd is running if using syslogd or that klog module is loaded if running rsyslogd
Added Server Check report, checks for apache settings: TraceEnable, ServerSignature, ServerTokens and FileETag on cPanel servers
Fixed ip6tables IPV6_SPI check warning for older kernels
Added instruction to open outgoing TCP6 and UDP6 ports when using an older kernel for ip6tables
IPv6 Final (no longer Beta)
Added new option LT_SKIPPERMBLOCK. If LF_PERMBLOCK is enabled but you do not want this to apply to LT_POP3D/LT_IMAPD, then enable this option
Added new option PT_USER_ACTION. If a PT_* event is triggered, then PT_USER_ACTION will be run in a child process and passed the PID(s) of the process(es)