Skip to main content

Release Notes

version 2.5.2 (2023-03-27)​

  • change of base OS from Ubuntu 18.04 to Ubuntu 20.04
The CIS Ubuntu Linux 20.04 LTS Benchmark v1.1.0 Level 2 - Server report is available upon request by contacting support. The image scored 215/219. An explanation will be attached for the unmet 4.

version 2.5.1 (2023-02-03)​

  • general OS updates

version 2.5.0 (2022-11-07)​

Breaking Changes

  • CloudWatch log group name changed from discrimiNAT to DiscrimiNAT. The first letter of the word DiscrimiNAT is, and going-forwards will be, in upper-case.
  • IAM Policy has been updated to reflect the upper-case letter D.
  • AMI name has seen the same change.
  • A new patch version, 2.4.1, of the ENI Terraform module has been released that constrains it to DiscrimiNAT version 2.4.x AMIs only. The ENI Terraform module will be updated in due course to support DiscrimiNAT version 2.5.x and onwards.

version 2.4.2 (2022-10-11)​

  • improved connection handling for very short lived TLS connections with specific server-side implementations (such as Envoy Proxy)

version 2.4.1 (2022-05-11)​

  • fixed a sporadic connection reset issue, that emitted unexpected response in the logs, and which only occurred in the see-thru monitoring mode while connecting to a destination at very high latency

version 2.4.0 (2022-03-01)​

  • new warning message in config logs when a connection test to an FQDN, carried out by discrimiNAT itself, in any allowlist fails
  • added support for self-attaching an allocated Elastic IP
  • discrimiNAT's own instance ID added to every log line under the key instance, indicating which instance the log line was emitted from
  • updated TLS ECH draft extension identifiers

version 2.2.0 (2021-09-06)​

  • see-thru mode introduced; build allowlists super-quick by putting a Security Group in monitor mode first
  • serverless support introduced; Lambdas etc. with an interface in the VPC will have their outbound traffic filtered
  • full bypass hook added; please reach out to support for instructions on this

version 2.1.0 (2021-08-19)​

version 2.0.5 (2021-05-11)​

  • restricted firewall rule scanning to the same VPC as discrimiNAT firewall was deployed in

version 2.0.4 (2021-04-07)​

version 2.0.3 (2020-11-10)​

  • v2 launch
  • completely new architecture addressing the potential for mismatch of IPs addresses as looked up by a protected workload from the VPC resolver and as looked up by the discrimiNAT firewall
  • rewritten in Rust

version 20200524 (2020-05-27)​

available on request; v1 is now deprecated; please upgrade to v2

version 20200516 (2020-05-20)​

available on request; v1 is now deprecated; please upgrade to v2

version 20191207 (2019-12-10)​

available on request; v1 is now deprecated; please upgrade to v2

version 20191108 (2019-11-12)​

available on request; v1 is now deprecated; please upgrade to v2

version 20190911 (2019-09-13)​

  • v1 launch