1 pve-firewall (5.0.7) bookworm; urgency=medium
3 * also signal force-disable nftables if FW is completely disabled
5 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Apr 2024 10:30:16 +0200
7 pve-firewall (5.0.6) bookworm; urgency=medium
9 * add flag to signal the new nftables-based proxmox-firewall that it's
10 disabled without the need to parse the config
12 -- Proxmox Support Team <support@proxmox.com> Fri, 26 Apr 2024 17:19:50 +0200
14 pve-firewall (5.0.5) bookworm; urgency=medium
16 * simulator: adapt to more flexible bridge naming scheme
18 -- Proxmox Support Team <support@proxmox.com> Tue, 23 Apr 2024 13:11:43 +0200
20 pve-firewall (5.0.4) bookworm; urgency=medium
22 * fix #5335: stable sorting in cluster.fw
24 * add configuration option for new nftables firewall tech-preview
26 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Apr 2024 20:04:09 +0200
28 pve-firewall (5.0.3) bookworm; urgency=medium
30 * fix resolution of scoped aliases in ipsets
32 -- Proxmox Support Team <support@proxmox.com> Mon, 17 Jul 2023 10:39:28 +0200
34 pve-firewall (5.0.2) bookworm; urgency=medium
36 * fix #4556: api: return scoped IPSets and aliases
38 -- Proxmox Support Team <support@proxmox.com> Wed, 21 Jun 2023 19:17:19 +0200
40 pve-firewall (5.0.1) bookworm; urgency=medium
42 * fix #4556: support 'dc/' and 'guest/' prefix for aliases and ipsets
44 -- Proxmox Support Team <support@proxmox.com> Wed, 07 Jun 2023 16:06:10 +0200
46 pve-firewall (5.0.0) bookworm; urgency=medium
48 * switch to native versioning scheme
50 * build for Proxmox VE 8 / Debian 12 Bookworm
52 -- Proxmox Support Team <support@proxmox.com> Mon, 22 May 2023 14:43:58 +0200
54 pve-firewall (4.3-2) bullseye; urgency=medium
56 * fix variables declared in conditional statement
58 * fix #4730: add safeguards to prevent ICMP type misuse
60 -- Proxmox Support Team <support@proxmox.com> Tue, 16 May 2023 11:17:58 +0200
62 pve-firewall (4.3-1) bullseye; urgency=medium
64 * allow entering IP address with the host bits (those inside the mask) not
65 being all zero non-zero, like 192.168.1.155/24 for example.
67 * api: firewall logger: add optional parameters `since` and `until` for
70 * fix #4550: host options: add nf_conntrack_helpers to compensate that
71 kernel 6.1 and newer have removed the auto helpers
73 -- Proxmox Support Team <support@proxmox.com> Fri, 17 Mar 2023 15:24:56 +0100
75 pve-firewall (4.2-7) bullseye; urgency=medium
77 * fix #4018: add firewall macro for SPICE proxy
79 * fix #4204: automatically update each usage of a group to the new ID when
82 * fix #4268: add 'force' parameter to delete IPSet with members
84 -- Proxmox Support Team <support@proxmox.com> Thu, 17 Nov 2022 19:53:04 +0100
86 pve-firewall (4.2-6) bullseye; urgency=medium
88 * config defaults: document that the mac filter defaults to on
90 * fix #4175: ignore non-filter ebtables tables
92 * fix enabling ebtables if VM firewall config is invalid
94 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Aug 2022 09:43:53 +0200
96 pve-firewall (4.2-5) bullseye; urgency=medium
98 * fix #3677 ipset get chains: handle newer ipset output for actual
101 -- Proxmox Support Team <support@proxmox.com> Thu, 04 Nov 2021 16:37:13 +0100
103 pve-firewall (4.2-4) bullseye; urgency=medium
105 * re-build to avoid issues stemming from semi-broken systemd-debhelper version
107 -- Proxmox Support Team <support@proxmox.com> Tue, 12 Oct 2021 10:39:05 +0200
109 pve-firewall (4.2-3) bullseye; urgency=medium
111 * fix #2721: remove the (nowadays) bogus reject for TCP port 43 from the
112 default drop and reject actions
114 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Sep 2021 13:00:07 +0200
116 pve-firewall (4.2-2) bullseye; urgency=medium
118 * re-set relevant sysctls on every apply round
120 -- Proxmox Support Team <support@proxmox.com> Mon, 21 Jun 2021 11:31:42 +0200
122 pve-firewall (4.2-1) bullseye; urgency=medium
124 * fix #967: source: dest: limit length
126 * re-build for Debian 11 Bullseye based releases (Proxmox VE 7)
128 * fix #2358: allow --<opt> in firewall rule config files
130 -- Proxmox Support Team <support@proxmox.com> Wed, 12 May 2021 20:32:30 +0200
132 pve-firewall (4.1-3) pve; urgency=medium
134 * fix #2773: ebtables: keep policy of custom chains
136 * introduce new icmp-type parameter
138 -- Proxmox Support Team <support@proxmox.com> Fri, 18 Sep 2020 16:51:27 +0200
140 pve-firewall (4.1-2) pve; urgency=medium
142 * revert: rules: verify referenced security group exists
144 -- Proxmox Support Team <support@proxmox.com> Wed, 06 May 2020 17:41:36 +0200
146 pve-firewall (4.1-1) pve; urgency=medium
148 * logging: add missing log message for inbound rules
150 * fix #2686: avoid adding 'arp-ip-src' IP filter if guests uses DHCP
152 * IPSets: parse the CIDR before checking for duplicates
154 * verify that a referenced security group exists
156 * ICMP: fix iptables-restore failing if ICMP-type values bigger than '255'
158 * ICMP: allow one to specify the 'echo-reply' (0) type also as integer
160 * improve handling concurrent (parallel) access and modifications to rules
162 -- Proxmox Support Team <support@proxmox.com> Mon, 04 May 2020 15:01:57 +0200
164 pve-firewall (4.0-10) pve; urgency=medium
166 * macros: add macro for Proxmox Mail Gateway web interface
168 * api node: always pass cluster conf to node FW parser to fix false positive
169 error message about non existing aliases, or IP sets, when querying the
170 node FW options GET API call.
172 * grammar fix: s/does not exists/does not exist/g
174 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jan 2020 19:25:49 +0100
176 pve-firewall (4.0-9) pve; urgency=medium
178 * ensure port range used for offline storage migration and insecure migration
179 traffic is allowed by default rule set.
181 -- Proxmox Support Team <support@proxmox.com> Tue, 03 Dec 2019 08:12:20 +0100
183 pve-firewall (4.0-8) pve; urgency=medium
185 * increase default nf_conntrack_max to the kernel's default
187 * fix some "use of uninitialized value" warnings when updating CIDRs
189 * update schema documentation
191 * add explicit dependency on libpve-cluster-perl
193 * add support for "raw" tables
195 * add options for synflood protection for host firewall:
196 - nf_conntrack_tcp_timeout_syn_recv
197 - protection_synflood: boolean
198 - protection_synflood_rate: SYN rate limit (default 200 per second)
199 - protection_synflood_burst: SYN burst limit (default 1000)
201 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2019 13:48:20 +0100
203 pve-firewall (4.0-7) pve; urgency=medium
205 * only add VM chains and rules if VM firewall is enabled
207 -- Proxmox Support Team <support@proxmox.com> Wed, 7 Aug 2019 10:55:06 +0200
209 pve-firewall (4.0-6) pve; urgency=medium
211 * firewall macros: add new Ceph protocol v2 port while keeping v1 port
213 -- Proxmox Support Team <support@proxmox.com> Tue, 23 Jul 2019 18:57:48 +0200
215 pve-firewall (4.0-5) pve; urgency=medium
217 * don't use any base path at all for calls to external binaries to make use
218 compativle with bot, /usr merged and unmerged setups
220 -- Proxmox Support Team <support@proxmox.com> Fri, 12 Jul 2019 11:47:53 +0200
222 pve-firewall (4.0-4) pve; urgency=medium
224 * ebtables: remove PVE chains properly
226 * ebtables: treat chain deletion as change
228 * use /usr/sbin as base path
230 -- Proxmox Support Team <support@proxmox.com> Thu, 11 Jul 2019 19:40:01 +0200
232 pve-firewall (4.0-3) pve; urgency=medium
234 * Create corosync firewall rules independently of localnet~
236 * Display corosync rule info on localnet call
238 -- Proxmox Support Team <support@proxmox.com> Thu, 04 Jul 2019 15:56:11 +0200
240 pve-firewall (4.0-2) pve; urgency=medium
242 * fix systemd warning about PIDFile directory
244 * fix CT rule generation with ipfilter set
246 * pve-firewall service: update-alternative iptables and ebtables to working
249 -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 20:43:21 +0200
251 pve-firewall (4.0-1) pve; urgency=medium
253 * re-build for Debian Buster / PVE 6
255 -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 22:28:55 +0200
257 pve-firewall (3.0-21) unstable; urgency=medium
259 * fix ipv6 PVEFW-reject
261 * fix #2193: arpfilter: CT: remove mask from net IP/CIDR to avoid
262 ebtables doing the wrong thing here
264 -- Proxmox Support Team <support@proxmox.com> Wed, 08 May 2019 10:09:31 +0000
266 pve-firewall (3.0-20) unstable; urgency=medium
268 * use IPCC to read config and rule files, if the are backed by pmxcfs which
269 has better handling for pmxcfs restarts
271 * fix #2178: endless loop on ipv6 extension headers
273 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Apr 2019 05:10:13 +0000
275 pve-firewall (3.0-19) unstable; urgency=medium
277 * ebtables: add arp filtering
279 * fix: #2123 Logging of user defined firewall rules
283 * allow to enable/disable and modify cluster wide log ratelimits
285 -- Proxmox Support Team <support@proxmox.com> Tue, 02 Apr 2019 11:15:16 +0200
287 pve-firewall (3.0-18) unstable; urgency=medium
289 * fix #1606: Add nf_conntrack_allow_invalid option
291 * log reject : add space after policy REJECT like drop
293 * fix #1891: Add zsh command completion for pve-firewall
295 -- Proxmox Support Team <support@proxmox.com> Mon, 04 Mar 2019 10:27:01 +0100
297 pve-firewall (3.0-17) unstable; urgency=medium
299 * fix #2005: only allow ascii port digits
301 * fix #2004: do not allow backwards ranges
303 * add conntrack logging via libnetfilter_conntrack and allow one to enable
304 it through the firewall host configuration
306 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Jan 2019 16:56:17 +0100
308 pve-firewall (3.0-16) unstable; urgency=medium
310 * api/rules: fix macro return type
312 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Nov 2018 16:02:59 +0100
314 pve-firewall (3.0-15) unstable; urgency=medium
316 * fix #1971: display firewall rule properties
318 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:01:33 +0100
320 pve-firewall (3.0-14) unstable; urgency=medium
322 * fix #1841: avoid ebtable reloads when containers have multiple network
325 -- Proxmox Support Team <support@proxmox.com> Fri, 24 Aug 2018 10:51:04 +0200
327 pve-firewall (3.0-13) unstable; urgency=medium
329 * avoid unnecessary reloads of ebtable ruleset
331 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Jun 2018 14:47:16 +0200
333 pve-firewall (3.0-12) unstable; urgency=medium
335 * fix deleted iptables chains not being properly detected as a change
337 -- Proxmox Support Team <support@proxmox.com> Tue, 12 Jun 2018 12:01:02 +0200
339 pve-firewall (3.0-11) unstable; urgency=medium
341 * #1764: rename 'ebtales_enable' option to 'ebtables'
343 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2018 16:18:13 +0200
345 pve-firewall (3.0-10) unstable; urgency=medium
347 * fix #1764: handle existing ebtables rules and allow disabling ebtables
349 * ebtables handling can be disabled via /etc/pve/firewall/cluster.fw's new
350 ebtables_enable option.
352 -- Proxmox Support Team <support@proxmox.com> Tue, 29 May 2018 15:14:33 +0200
354 pve-firewall (3.0-9) unstable; urgency=medium
356 * fix creation of ebltables FORWARD rule entry
358 -- Proxmox Support Team <support@proxmox.com> Thu, 17 May 2018 14:41:27 +0200
360 pve-firewall (3.0-8) unstable; urgency=medium
362 * add ebtables support for better MAC filtering
364 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2018 14:25:41 +0200
366 pve-firewall (3.0-7) unstable; urgency=medium
368 * support distinct source and destination multi-port matching
370 * multi-port matching: when specifying the same list of ports for source and
371 destination require them both to match, rather than one of them, as this
372 was rather unexpected behavior
374 -- Proxmox Support Team <support@proxmox.com> Mon, 12 Mar 2018 14:58:08 +0100
376 pve-firewall (3.0-6) unstable; urgency=medium
378 * fix #1319: don't fail postinst with masked service
380 * debian: switch to compat 9, drop init scripts, drop preinst
382 * check multiport limit in port ranges
384 * build: use git rev-parse for GITVERSION
386 -- Proxmox Support Team <support@proxmox.com> Thu, 08 Mar 2018 13:53:11 +0100
388 pve-firewall (3.0-5) unstable; urgency=medium
390 * fix issue with disabled flag not being honored within groups
392 -- Proxmox Support Team <support@proxmox.com> Thu, 07 Dec 2017 08:31:42 +0100
394 pve-firewall (3.0-4) unstable; urgency=medium
396 * fix issues with ipsets reloading unnecessarily or too late
398 * fix some typos in the logs
400 -- Proxmox Support Team <support@proxmox.com> Thu, 16 Nov 2017 11:41:56 +0100
402 pve-firewall (3.0-3) unstable; urgency=medium
404 * Fix #1492: logger: use current timestamp if the packet doesn't have one
406 -- Proxmox Support Team <support@proxmox.com> Tue, 12 Sep 2017 14:43:06 +0200
408 pve-firewall (3.0-2) unstable; urgency=medium
410 * Fix #1446: remove masks in case the package had previously been removed but
413 * improve logging on errors in the firewall configuration
415 * forbid trailing commas in lists as iptables-restore doesn't support them
417 -- Proxmox Support Team <support@proxmox.com> Mon, 17 Jul 2017 15:24:40 +0200
419 pve-firewall (3.0-1) unstable; urgency=medium
421 * rebuild for Debian Stretch
423 -- Proxmox Support Team <support@proxmox.com> Thu, 9 Mar 2017 14:04:17 +0100
425 pve-firewall (2.0-33) unstable; urgency=medium
427 * ipset: don't allow zero-prefix entries
429 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Nov 2016 12:18:04 +0100
431 pve-firewall (2.0-32) unstable; urgency=medium
433 * improve search for local-network
435 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Nov 2016 06:35:08 +0100
437 pve-firewall (2.0-31) unstable; urgency=medium
439 * don't try to apply ports to rules which don't support them
441 -- Proxmox Support Team <support@proxmox.com> Thu, 06 Oct 2016 08:31:51 +0200
443 pve-firewall (2.0-30) unstable; urgency=medium
445 * add multicast DNS to the list of Macros
447 * add missing parameter descriptions
449 * build-depends: add dh-systemd
451 -- Proxmox Support Team <support@proxmox.com> Fri, 16 Sep 2016 08:53:16 +0200
453 pve-firewall (2.0-29) unstable; urgency=medium
455 * prevent overwriting ipsets/sec. groups by renaming
457 -- Proxmox Support Team <support@proxmox.com> Fri, 03 Jun 2016 16:46:10 +0200
459 pve-firewall (2.0-28) unstable; urgency=medium
461 * use pve-common's ipv4_mask_hash_localnet
463 * fix allowed group name length
465 * make group digest stable
467 -- Proxmox Support Team <support@proxmox.com> Fri, 03 Jun 2016 11:01:47 +0200
469 pve-firewall (2.0-27) unstable; urgency=medium
471 * fix #972: make PVEFW-FWBR-* rule order stable
473 -- Proxmox Support Team <support@proxmox.com> Tue, 17 May 2016 07:59:52 +0200
475 pve-firewall (2.0-26) unstable; urgency=medium
477 * fix #988: set rp_filter=2
479 -- Proxmox Support Team <support@proxmox.com> Mon, 09 May 2016 10:01:28 +0200
481 pve-firewall (2.0-25) unstable; urgency=medium
483 * fix #945: add uninitialized check in lxc ipset compilation
485 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Apr 2016 09:58:33 +0200
487 pve-firewall (2.0-24) unstable; urgency=medium
489 * Build-Depend on pve-doc-generator
491 * generate manpage with pve-doc-generator
493 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Apr 2016 10:52:45 +0200
495 pve-firewall (2.0-23) unstable; urgency=medium
497 * use only the top bit for our accept marks
499 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:35:38 +0200
501 pve-firewall (2.0-22) unstable; urgency=medium
503 * Use cfs_config_path from PVE::QemuConfig
505 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Mar 2016 11:47:40 +0100
507 pve-firewall (2.0-21) unstable; urgency=medium
509 * added new 'ipfilter' option
511 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Mar 2016 09:43:39 +0100
513 pve-firewall (2.0-20) unstable; urgency=medium
515 * fix 901: encode unicode characters in sha digest
517 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Feb 2016 12:40:14 +0100
519 pve-firewall (2.0-19) unstable; urgency=medium
521 * Add radv option to VM options
523 -- Proxmox Support Team <support@proxmox.com> Sat, 27 Feb 2016 10:24:42 +0100
525 pve-firewall (2.0-18) unstable; urgency=medium
527 * Add ndp option to host and VM firewall options
529 * Add router-solicitation to NeighborDiscovery macro
531 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Feb 2016 10:01:22 +0100
533 pve-firewall (2.0-17) unstable; urgency=medium
535 * Don't leave empty FW config files behind
537 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Feb 2016 14:09:24 +0100
539 pve-firewall (2.0-16) unstable; urgency=medium
541 * logger: basic ipv6 support
545 * add dhcpv6 support to the dhcp option
547 -- Proxmox Support Team <support@proxmox.com> Tue, 26 Jan 2016 16:52:14 +0100
549 pve-firewall (2.0-15) unstable; urgency=medium
551 * fix bug #859: use $security_group_name_pattern in iptables_get_chains
553 * fix some regular expressions mixups
555 -- Proxmox Support Team <support@proxmox.com> Thu, 07 Jan 2016 16:33:23 +0100
557 pve-firewall (2.0-14) unstable; urgency=medium
559 * fix systemd service dependencies
561 -- Proxmox Support Team <support@proxmox.com> Fri, 27 Nov 2015 10:52:57 +0100
563 pve-firewall (2.0-13) unstable; urgency=medium
565 * allow numeric icmp types
567 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Oct 2015 13:21:53 +0200
569 pve-firewall (2.0-12) unstable; urgency=medium
571 * implement bash completions
573 * convert pve-firewall into a PVE::Service class
575 -- Proxmox Support Team <support@proxmox.com> Thu, 24 Sep 2015 12:15:00 +0200
577 pve-firewall (2.0-11) unstable; urgency=medium
579 * iptables_get_chains: fix veth device name
581 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Sep 2015 07:54:35 +0200
583 pve-firewall (2.0-10) unstable; urgency=medium
585 * new helper: clone_vmfw_conf()
587 -- Proxmox Support Team <support@proxmox.com> Tue, 25 Aug 2015 06:47:49 +0200
589 pve-firewall (2.0-9) unstable; urgency=medium
591 * remove firewall config file subroutine added
593 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:42:51 +0200
595 pve-firewall (2.0-8) unstable; urgency=medium
597 * adopt regresion tests for lxc containers
599 * removed firewall code for openVZ
601 * Subroutine verify_rule fixed to correctly check only for "net\d+"
602 interface device names
604 -- Proxmox Support Team <support@proxmox.com> Wed, 12 Aug 2015 12:01:43 +0200
606 pve-firewall (2.0-7) unstable; urgency=medium
608 * added firewall code for lxc
610 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Aug 2015 09:21:14 +0200
612 pve-firewall (2.0-6) unstable; urgency=medium
614 * firewall ipversion comparison fix
616 -- Proxmox Support Team <support@proxmox.com> Tue, 04 Aug 2015 11:14:51 +0200
618 pve-firewall (2.0-5) unstable; urgency=medium
620 * add ipv6 neighbor discovery and solicitation macros
622 * ip6tables accepts both spellings of the word neighbor
626 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:20:55 +0200
628 pve-firewall (2.0-4) unstable; urgency=medium
630 * include manual page for pve-firewall
632 -- Proxmox Support Team <support@proxmox.com> Sat, 27 Jun 2015 16:26:28 +0200
634 pve-firewall (2.0-3) unstable; urgency=medium
636 * use noawait trigers for pve-api-updates
638 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:33:06 +0200
640 pve-firewall (2.0-2) unstable; urgency=medium
642 * trigger pve-api-updates event
644 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:10:24 +0200
646 pve-firewall (2.0-1) unstable; urgency=medium
648 * recompile for debian jessie
650 -- Proxmox Support Team <support@proxmox.com> Fri, 27 Feb 2015 12:22:04 +0100
652 pve-firewall (1.0-18) unstable; urgency=low
656 -- Proxmox Support Team <support@proxmox.com> Mon, 09 Feb 2015 09:32:03 +0100
658 pve-firewall (1.0-17) unstable; urgency=low
660 * fix restart behavior
662 -- Proxmox Support Team <support@proxmox.com> Thu, 15 Jan 2015 06:45:58 +0100
664 pve-firewall (1.0-16) unstable; urgency=low
666 * use new Daemon class from pve-common
668 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Dec 2014 09:45:07 +0100
670 pve-firewall (1.0-15) unstable; urgency=low
672 * bug fix: load cluster conf for host rules
674 -- Proxmox Support Team <support@proxmox.com> Fri, 12 Dec 2014 06:33:28 +0100
676 pve-firewall (1.0-14) unstable; urgency=low
678 * do not use ipset list chains
680 * remove preinst script (not needed anymore)
682 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Dec 2014 13:42:00 +0100
684 pve-firewall (1.0-13) unstable; urgency=low
686 * fix ipset remove order
688 -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 12:45:48 +0100
690 pve-firewall (1.0-12) unstable; urgency=low
692 * add preinst script to clear ipset from older installation (because
693 sets cannot be swapped if there type does not match.
695 -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 08:59:38 +0100
697 pve-firewall (1.0-11) unstable; urgency=low
699 * bug fix: correctly set ipversion for aliases in verify_rule
701 * save restore commands into files to make debugging
702 easier (/var/lib/pve-firewall/)
704 -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 08:04:05 +0100
706 pve-firewall (1.0-10) unstable; urgency=low
708 * add IPv6 support for VMs (hostfw is IPv4 only)
710 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Nov 2014 07:00:29 +0100
712 pve-firewall (1.0-9) unstable; urgency=low
714 * fix max ipset name name length
716 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Oct 2014 16:29:34 +0200
718 pve-firewall (1.0-8) unstable; urgency=low
720 * implement permission
722 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Sep 2014 12:15:21 +0200
724 pve-firewall (1.0-7) unstable; urgency=low
726 * proxy host rule API calls to correct node
728 * always generate MAC and IP filter rules if firewall is enabled on NIC
730 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Jun 2014 07:12:57 +0200
732 pve-firewall (1.0-6) unstable; urgency=low
734 * ipmlement ipfilter ipsets
736 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jun 2014 08:37:08 +0200
738 pve-firewall (1.0-5) unstable; urgency=low
740 * remove ipsets when firewall disabled
742 -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 08:50:18 +0200
744 pve-firewall (1.0-4) unstable; urgency=low
746 * depend on iptables and ipset
748 -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 06:45:33 +0200
750 pve-firewall (1.0-3) unstable; urgency=low
752 * change dh_installinit order (register pvefw-logger before pve-firewall)
754 -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 06:24:21 +0200
756 pve-firewall (1.0-2) unstable; urgency=low
758 * add experimental nflog logging daemon
760 -- Proxmox Support Team <support@proxmox.com> Thu, 13 Mar 2014 08:27:01 +0100
762 pve-firewall (1.0-1) unstable; urgency=low
766 -- Proxmox Support Team <support@proxmox.com> Mon, 03 Mar 2014 08:37:06 +0100