]> git.proxmox.com Git - pve-firewall.git/blame - debian/changelog
projects / pve-firewall.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
fix #4018: add firewall macro for SPICE
[pve-firewall.git] / debian / changelog
CommitLineData
dd559e8a
TL		 1pve-firewall (4.2-6) bullseye; urgency=medium
2
3 * config defaults: document that the mac filter defaults to on
4
5 * fix #4175: ignore non-filter ebtables tables
6
7 * fix enabling ebtables if VM firewall config is invalid
8
9 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Aug 2022 09:43:53 +0200
10
fba392f2
TL		 11pve-firewall (4.2-5) bullseye; urgency=medium
12
13 * fix #3677 ipset get chains: handle newer ipset output for actual
14 change detection
15
16 -- Proxmox Support Team <support@proxmox.com> Thu, 04 Nov 2021 16:37:13 +0100
17
bd63a439
TL		 18pve-firewall (4.2-4) bullseye; urgency=medium
19
20 * re-build to avoid issues stemming from semi-broken systemd-debhelper version
21
22 -- Proxmox Support Team <support@proxmox.com> Tue, 12 Oct 2021 10:39:05 +0200
23
2a2b81b4
TL		 24pve-firewall (4.2-3) bullseye; urgency=medium
25
26 * fix #2721: remove the (nowadays) bogus reject for TCP port 43 from the
27 default drop and reject actions
28
29 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Sep 2021 13:00:07 +0200
30
dcdbb559
TL		 31pve-firewall (4.2-2) bullseye; urgency=medium
32
33 * re-set relevant sysctls on every apply round
34
35 -- Proxmox Support Team <support@proxmox.com> Mon, 21 Jun 2021 11:31:42 +0200
36
ce9cfab8
TL		 37pve-firewall (4.2-1) bullseye; urgency=medium
38
39 * fix #967: source: dest: limit length
40
41 * re-build for Debian 11 Bullseye based releases (Proxmox VE 7)
42
43 * fix #2358: allow --<opt> in firewall rule config files
44
45 -- Proxmox Support Team <support@proxmox.com> Wed, 12 May 2021 20:32:30 +0200
46
8a4e5b69
TL		 47pve-firewall (4.1-3) pve; urgency=medium
48
49 * fix #2773: ebtables: keep policy of custom chains
50
51 * introduce new icmp-type parameter
52
53 -- Proxmox Support Team <support@proxmox.com> Fri, 18 Sep 2020 16:51:27 +0200
54
70718917
TL		 55pve-firewall (4.1-2) pve; urgency=medium
56
57 * revert: rules: verify referenced security group exists
58
59 -- Proxmox Support Team <support@proxmox.com> Wed, 06 May 2020 17:41:36 +0200
60
c5530455
TL		 61pve-firewall (4.1-1) pve; urgency=medium
62
63 * logging: add missing log message for inbound rules
64
65 * fix #2686: avoid adding 'arp-ip-src' IP filter if guests uses DHCP
66
67 * IPSets: parse the CIDR before checking for duplicates
68
69 * verify that a referenced security group exists
70
71 * ICMP: fix iptables-restore failing if ICMP-type values bigger than '255'
72
73 * ICMP: allow one to specify the 'echo-reply' (0) type also as integer
74
75 * improve handling concurrent (parallel) access and modifications to rules
76
77 -- Proxmox Support Team <support@proxmox.com> Mon, 04 May 2020 15:01:57 +0200
78
56a47140
TL		 79pve-firewall (4.0-10) pve; urgency=medium
80
81 * macros: add macro for Proxmox Mail Gateway web interface
82
83 * api node: always pass cluster conf to node FW parser to fix false positive
84 error message about non existing aliases, or IP sets, when querying the
85 node FW options GET API call.
86
87 * grammar fix: s/does not exists/does not exist/g
88
89 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jan 2020 19:25:49 +0100
90
5162c268
TL		 91pve-firewall (4.0-9) pve; urgency=medium
92
93 * ensure port range used for offline storage migration and insecure migration
94 traffic is allowed by default rule set.
95
96 -- Proxmox Support Team <support@proxmox.com> Tue, 03 Dec 2019 08:12:20 +0100
97
5ac03b1c
WB		 98pve-firewall (4.0-8) pve; urgency=medium
99
100 * increase default nf_conntrack_max to the kernel's default
101
102 * fix some "use of uninitialized value" warnings when updating CIDRs
103
104 * update schema documentation
105
106 * add explicit dependency on libpve-cluster-perl
107
108 * add support for "raw" tables
109
110 * add options for synflood protection for host firewall:
111 - nf_conntrack_tcp_timeout_syn_recv
112 - protection_synflood: boolean
113 - protection_synflood_rate: SYN rate limit (default 200 per second)
114 - protection_synflood_burst: SYN burst limit (default 1000)
115
116 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2019 13:48:20 +0100
117
bd368955
FG		 118pve-firewall (4.0-7) pve; urgency=medium
119
120 * only add VM chains and rules if VM firewall is enabled
121
122 -- Proxmox Support Team <support@proxmox.com> Wed, 7 Aug 2019 10:55:06 +0200
123
c8f3e1ee
TL		 124pve-firewall (4.0-6) pve; urgency=medium
125
126 * firewall macros: add new Ceph protocol v2 port while keeping v1 port
127
128 -- Proxmox Support Team <support@proxmox.com> Tue, 23 Jul 2019 18:57:48 +0200
129
6fc572dc
TL		 130pve-firewall (4.0-5) pve; urgency=medium
131
132 * don't use any base path at all for calls to external binaries to make use
133 compativle with bot, /usr merged and unmerged setups
134
135 -- Proxmox Support Team <support@proxmox.com> Fri, 12 Jul 2019 11:47:53 +0200
136
b1379400
TL		 137pve-firewall (4.0-4) pve; urgency=medium
138
139 * ebtables: remove PVE chains properly
140
141 * ebtables: treat chain deletion as change
142
143 * use /usr/sbin as base path
144
145 -- Proxmox Support Team <support@proxmox.com> Thu, 11 Jul 2019 19:40:01 +0200
146
9e01d77d
TL		 147pve-firewall (4.0-3) pve; urgency=medium
148
149 * Create corosync firewall rules independently of localnet~
150
151 * Display corosync rule info on localnet call
152
153 -- Proxmox Support Team <support@proxmox.com> Thu, 04 Jul 2019 15:56:11 +0200
154
9429bd35
TL		 155pve-firewall (4.0-2) pve; urgency=medium
156
157 * fix systemd warning about PIDFile directory
158
159 * fix CT rule generation with ipfilter set
160
161 * pve-firewall service: update-alternative iptables and ebtables to working
162 legacy versions
163
164 -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 20:43:21 +0200
165
6b9da9b0
TL		 166pve-firewall (4.0-1) pve; urgency=medium
167
168 * re-build for Debian Buster / PVE 6
169
170 -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 22:28:55 +0200
171
dd7d737b
TL		 172pve-firewall (3.0-21) unstable; urgency=medium
173
174 * fix ipv6 PVEFW-reject
175
176 * fix #2193: arpfilter: CT: remove mask from net IP/CIDR to avoid
177 ebtables doing the wrong thing here
178
179 -- Proxmox Support Team <support@proxmox.com> Wed, 08 May 2019 10:09:31 +0000
180
bbf77725
TL		 181pve-firewall (3.0-20) unstable; urgency=medium
182
183 * use IPCC to read config and rule files, if the are backed by pmxcfs which
184 has better handling for pmxcfs restarts
185
186 * fix #2178: endless loop on ipv6 extension headers
187
188 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Apr 2019 05:10:13 +0000
189
baba607a
TL		 190pve-firewall (3.0-19) unstable; urgency=medium
191
192 * ebtables: add arp filtering
193
194 * fix: #2123 Logging of user defined firewall rules
195
196 * fix Razor macro
197
198 * allow to enable/disable and modify cluster wide log ratelimits
199
200 -- Proxmox Support Team <support@proxmox.com> Tue, 02 Apr 2019 11:15:16 +0200
201
d8ea08e3
TL		 202pve-firewall (3.0-18) unstable; urgency=medium
203
204 * fix #1606: Add nf_conntrack_allow_invalid option
205
206 * log reject : add space after policy REJECT like drop
207
208 * fix #1891: Add zsh command completion for pve-firewall
209
210 -- Proxmox Support Team <support@proxmox.com> Mon, 04 Mar 2019 10:27:01 +0100
211
91d88bc5
TL		 212pve-firewall (3.0-17) unstable; urgency=medium
213
214 * fix #2005: only allow ascii port digits
215
216 * fix #2004: do not allow backwards ranges
217
218 * add conntrack logging via libnetfilter_conntrack and allow one to enable
219 it through the firewall host configuration
220
221 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Jan 2019 16:56:17 +0100
222
81d13a9d
TL		 223pve-firewall (3.0-16) unstable; urgency=medium
224
225 * api/rules: fix macro return type
226
227 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Nov 2018 16:02:59 +0100
228
bed701bc
TL		 229pve-firewall (3.0-15) unstable; urgency=medium
230
231 * fix #1971: display firewall rule properties
232
233 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:01:33 +0100
234
a24b157b
WB		 235pve-firewall (3.0-14) unstable; urgency=medium
236
237 * fix #1841: avoid ebtable reloads when containers have multiple network
238 interfaces
239
240 -- Proxmox Support Team <support@proxmox.com> Fri, 24 Aug 2018 10:51:04 +0200
241
cf7dd94b
WB		 242pve-firewall (3.0-13) unstable; urgency=medium
243
244 * avoid unnecessary reloads of ebtable ruleset
245
246 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Jun 2018 14:47:16 +0200
247
dd03bf6e
WB		 248pve-firewall (3.0-12) unstable; urgency=medium
249
250 * fix deleted iptables chains not being properly detected as a change
251
252 -- Proxmox Support Team <support@proxmox.com> Tue, 12 Jun 2018 12:01:02 +0200
253
587a0f20 254pve-firewall (3.0-11) unstable; urgency=medium
a3a51dad
TL		 255
256 * #1764: rename 'ebtales_enable' option to 'ebtables'
257
587a0f20 258 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2018 16:18:13 +0200
a3a51dad 259
423b86ef
WB		 260pve-firewall (3.0-10) unstable; urgency=medium
261
262 * fix #1764: handle existing ebtables rules and allow disabling ebtables
263
264 * ebtables handling can be disabled via /etc/pve/firewall/cluster.fw's new
265 ebtables_enable option.
266
267 -- Proxmox Support Team <support@proxmox.com> Tue, 29 May 2018 15:14:33 +0200
268
567e58ce
WB		 269pve-firewall (3.0-9) unstable; urgency=medium
270
271 * fix creation of ebltables FORWARD rule entry
272
273 -- Proxmox Support Team <support@proxmox.com> Thu, 17 May 2018 14:41:27 +0200
274
ea0d59ed
WB		 275pve-firewall (3.0-8) unstable; urgency=medium
276
277 * add ebtables support for better MAC filtering
278
279 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2018 14:25:41 +0200
280
9a19ec81
WB		 281pve-firewall (3.0-7) unstable; urgency=medium
282
283 * support distinct source and destination multi-port matching
284
285 * multi-port matching: when specifying the same list of ports for source and
286 destination require them both to match, rather than one of them, as this
287 was rather unexpected behavior
288
289 -- Proxmox Support Team <support@proxmox.com> Mon, 12 Mar 2018 14:58:08 +0100
290
8c41d444
DM		 291pve-firewall (3.0-6) unstable; urgency=medium
292
293 * fix #1319: don't fail postinst with masked service
294
295 * debian: switch to compat 9, drop init scripts, drop preinst
296
297 * check multiport limit in port ranges
298
299 * build: use git rev-parse for GITVERSION
300
301 -- Proxmox Support Team <support@proxmox.com> Thu, 08 Mar 2018 13:53:11 +0100
302
4299c35f
WB		 303pve-firewall (3.0-5) unstable; urgency=medium
304
305 * fix issue with disabled flag not being honored within groups
306
307 -- Proxmox Support Team <support@proxmox.com> Thu, 07 Dec 2017 08:31:42 +0100
308
a19d4127
WB		 309pve-firewall (3.0-4) unstable; urgency=medium
310
311 * fix issues with ipsets reloading unnecessarily or too late
312
313 * fix some typos in the logs
314
315 -- Proxmox Support Team <support@proxmox.com> Thu, 16 Nov 2017 11:41:56 +0100
316
c0c71b1b
WB		 317pve-firewall (3.0-3) unstable; urgency=medium
318
319 * Fix #1492: logger: use current timestamp if the packet doesn't have one
320
321 -- Proxmox Support Team <support@proxmox.com> Tue, 12 Sep 2017 14:43:06 +0200
322
4f7a4bdd
WB		 323pve-firewall (3.0-2) unstable; urgency=medium
324
325 * Fix #1446: remove masks in case the package had previously been removed but
326 not purged.
327
328 * improve logging on errors in the firewall configuration
329
330 * forbid trailing commas in lists as iptables-restore doesn't support them
331
332 -- Proxmox Support Team <support@proxmox.com> Mon, 17 Jul 2017 15:24:40 +0200
333
29a94c79
FG		 334pve-firewall (3.0-1) unstable; urgency=medium
335
336 * rebuild for Debian Stretch
337
338 -- Proxmox Support Team <support@proxmox.com> Thu, 9 Mar 2017 14:04:17 +0100
339
df67a3dc
DM		 340pve-firewall (2.0-33) unstable; urgency=medium
341
342 * ipset: don't allow zero-prefix entries
343
344 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Nov 2016 12:18:04 +0100
345
dc643b4d
DM		 346pve-firewall (2.0-32) unstable; urgency=medium
347
348 * improve search for local-network
349
350 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Nov 2016 06:35:08 +0100
351
45f206fd
DM		 352pve-firewall (2.0-31) unstable; urgency=medium
353
354 * don't try to apply ports to rules which don't support them
355
356 -- Proxmox Support Team <support@proxmox.com> Thu, 06 Oct 2016 08:31:51 +0200
357
2ea28d0c
DM		 358pve-firewall (2.0-30) unstable; urgency=medium
359
360 * add multicast DNS to the list of Macros
361
362 * add missing parameter descriptions
363
364 * build-depends: add dh-systemd
365
366 -- Proxmox Support Team <support@proxmox.com> Fri, 16 Sep 2016 08:53:16 +0200
367
b65d13d9
DM		 368pve-firewall (2.0-29) unstable; urgency=medium
369
370 * prevent overwriting ipsets/sec. groups by renaming
371
372 -- Proxmox Support Team <support@proxmox.com> Fri, 03 Jun 2016 16:46:10 +0200
373
d0f3bb08
DM		 374pve-firewall (2.0-28) unstable; urgency=medium
375
376 * use pve-common's ipv4_mask_hash_localnet
377
5c53cde4
DC		 378 * fix allowed group name length
379
380 * make group digest stable
381
d0f3bb08
DM		 382 -- Proxmox Support Team <support@proxmox.com> Fri, 03 Jun 2016 11:01:47 +0200
383
76a57e1a
DM		 384pve-firewall (2.0-27) unstable; urgency=medium
385
386 * fix #972: make PVEFW-FWBR-* rule order stable
387
388 -- Proxmox Support Team <support@proxmox.com> Tue, 17 May 2016 07:59:52 +0200
389
17642172
DM		 390pve-firewall (2.0-26) unstable; urgency=medium
391
392 * fix #988: set rp_filter=2
393
394 -- Proxmox Support Team <support@proxmox.com> Mon, 09 May 2016 10:01:28 +0200
395
6e29af12
DM		 396pve-firewall (2.0-25) unstable; urgency=medium
397
398 * fix #945: add uninitialized check in lxc ipset compilation
399
400 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Apr 2016 09:58:33 +0200
401
edb4aff5
DM		 402pve-firewall (2.0-24) unstable; urgency=medium
403
404 * Build-Depend on pve-doc-generator
405
406 * generate manpage with pve-doc-generator
407
408 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Apr 2016 10:52:45 +0200
409
e1158c15
DM		 410pve-firewall (2.0-23) unstable; urgency=medium
411
412 * use only the top bit for our accept marks
413
414 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:35:38 +0200
415
5399f912
DM		 416pve-firewall (2.0-22) unstable; urgency=medium
417
418 * Use cfs_config_path from PVE::QemuConfig
419
420 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Mar 2016 11:47:40 +0100
421
b9e73915
DM		 422pve-firewall (2.0-21) unstable; urgency=medium
423
424 * added new 'ipfilter' option
425
426 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Mar 2016 09:43:39 +0100
427
e2a49003
DM		 428pve-firewall (2.0-20) unstable; urgency=medium
429
430 * fix 901: encode unicode characters in sha digest
431
432 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Feb 2016 12:40:14 +0100
433
1d10f89a
DM		 434pve-firewall (2.0-19) unstable; urgency=medium
435
436 * Add radv option to VM options
437
438 -- Proxmox Support Team <support@proxmox.com> Sat, 27 Feb 2016 10:24:42 +0100
439
666093cd
DM		 440pve-firewall (2.0-18) unstable; urgency=medium
441
442 * Add ndp option to host and VM firewall options
443
444 * Add router-solicitation to NeighborDiscovery macro
445
446 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Feb 2016 10:01:22 +0100
447
eaf25885
DM		 448pve-firewall (2.0-17) unstable; urgency=medium
449
450 * Don't leave empty FW config files behind
451
452 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Feb 2016 14:09:24 +0100
453
a177fb07
DM		 454pve-firewall (2.0-16) unstable; urgency=medium
455
456 * logger: basic ipv6 support
457
458 * add DHCPv6 macro
459
460 * add dhcpv6 support to the dhcp option
461
462 -- Proxmox Support Team <support@proxmox.com> Tue, 26 Jan 2016 16:52:14 +0100
463
ab1b8d3c
DM		 464pve-firewall (2.0-15) unstable; urgency=medium
465
466 * fix bug #859: use $security_group_name_pattern in iptables_get_chains
467
468 * fix some regular expressions mixups
469
470 -- Proxmox Support Team <support@proxmox.com> Thu, 07 Jan 2016 16:33:23 +0100
471
c9c8d7a3
DM		 472pve-firewall (2.0-14) unstable; urgency=medium
473
474 * fix systemd service dependencies
475
476 -- Proxmox Support Team <support@proxmox.com> Fri, 27 Nov 2015 10:52:57 +0100
477
aa818ae7
DM		 478pve-firewall (2.0-13) unstable; urgency=medium
479
480 * allow numeric icmp types
481
482 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Oct 2015 13:21:53 +0200
483
8dbebe7d
DM		 484pve-firewall (2.0-12) unstable; urgency=medium
485
486 * implement bash completions
487
488 * convert pve-firewall into a PVE::Service class
489
490 -- Proxmox Support Team <support@proxmox.com> Thu, 24 Sep 2015 12:15:00 +0200
491
47704f4c
DM		 492pve-firewall (2.0-11) unstable; urgency=medium
493
494 * iptables_get_chains: fix veth device name
495
496 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Sep 2015 07:54:35 +0200
497
9eb84dc7
DM		 498pve-firewall (2.0-10) unstable; urgency=medium
499
500 * new helper: clone_vmfw_conf()
501
502 -- Proxmox Support Team <support@proxmox.com> Tue, 25 Aug 2015 06:47:49 +0200
503
a3d34dac
DM		 504pve-firewall (2.0-9) unstable; urgency=medium
505
506 * remove firewall config file subroutine added
507
508 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:42:51 +0200
509
2a42a237
DM		 510pve-firewall (2.0-8) unstable; urgency=medium
511
512 * adopt regresion tests for lxc containers
513
514 * removed firewall code for openVZ
515
516 * Subroutine verify_rule fixed to correctly check only for "net\d+"
517 interface device names
518
519 -- Proxmox Support Team <support@proxmox.com> Wed, 12 Aug 2015 12:01:43 +0200
520
33448a6e
DM		 521pve-firewall (2.0-7) unstable; urgency=medium
522
523 * added firewall code for lxc
524
525 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Aug 2015 09:21:14 +0200
526
19f14465
DM		 527pve-firewall (2.0-6) unstable; urgency=medium
528
529 * firewall ipversion comparison fix
530
531 -- Proxmox Support Team <support@proxmox.com> Tue, 04 Aug 2015 11:14:51 +0200
532
8feec9fa
DM		 533pve-firewall (2.0-5) unstable; urgency=medium
534
535 * add ipv6 neighbor discovery and solicitation macros
536
537 * ip6tables accepts both spellings of the word neighbor
538
539 * added Ceph macro
540
541 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:20:55 +0200
542
e02c77aa
DM		 543pve-firewall (2.0-4) unstable; urgency=medium
544
545 * include manual page for pve-firewall
546
547 -- Proxmox Support Team <support@proxmox.com> Sat, 27 Jun 2015 16:26:28 +0200
548
eb4a2902
DM		 549pve-firewall (2.0-3) unstable; urgency=medium
550
551 * use noawait trigers for pve-api-updates
552
553 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:33:06 +0200
554
56bb2e69
DM		 555pve-firewall (2.0-2) unstable; urgency=medium
556
557 * trigger pve-api-updates event
558
559 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:10:24 +0200
560
0b18ebe8
DM		 561pve-firewall (2.0-1) unstable; urgency=medium
562
563 * recompile for debian jessie
564
565 -- Proxmox Support Team <support@proxmox.com> Fri, 27 Feb 2015 12:22:04 +0100
566
609f00c7
DM		 567pve-firewall (1.0-18) unstable; urgency=low
568
569 * fix alias lookup
570
571 -- Proxmox Support Team <support@proxmox.com> Mon, 09 Feb 2015 09:32:03 +0100
572
de48e659
DM		 573pve-firewall (1.0-17) unstable; urgency=low
574
575 * fix restart behavior
576
577 -- Proxmox Support Team <support@proxmox.com> Thu, 15 Jan 2015 06:45:58 +0100
578
b92d2ed2
DM		 579pve-firewall (1.0-16) unstable; urgency=low
580
581 * use new Daemon class from pve-common
582
583 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Dec 2014 09:45:07 +0100
584
22dde8d6
DM		 585pve-firewall (1.0-15) unstable; urgency=low
586
587 * bug fix: load cluster conf for host rules
588
589 -- Proxmox Support Team <support@proxmox.com> Fri, 12 Dec 2014 06:33:28 +0100
590
e33e2f16
DM		 591pve-firewall (1.0-14) unstable; urgency=low
592
593 * do not use ipset list chains
594
595 * remove preinst script (not needed anymore)
596
597 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Dec 2014 13:42:00 +0100
598
3bce273b
DM		 599pve-firewall (1.0-13) unstable; urgency=low
600
601 * fix ipset remove order
602
603 -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 12:45:48 +0100
604
7a7c322c
DM		 605pve-firewall (1.0-12) unstable; urgency=low
606
607 * add preinst script to clear ipset from older installation (because
608 sets cannot be swapped if there type does not match.
ce41ae23 609
7a7c322c
DM		 610 -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 08:59:38 +0100
611
1b918ee5
DM		 612pve-firewall (1.0-11) unstable; urgency=low
613
614 * bug fix: correctly set ipversion for aliases in verify_rule
615
616 * save restore commands into files to make debugging
617 easier (/var/lib/pve-firewall/)
618
619 -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 08:04:05 +0100
620
df617cea
DM		 621pve-firewall (1.0-10) unstable; urgency=low
622
623 * add IPv6 support for VMs (hostfw is IPv4 only)
624
625 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Nov 2014 07:00:29 +0100
626
0ac57570
DM		 627pve-firewall (1.0-9) unstable; urgency=low
628
629 * fix max ipset name name length
630
631 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Oct 2014 16:29:34 +0200
632
05fd3b63
DM		 633pve-firewall (1.0-8) unstable; urgency=low
634
635 * implement permission
636
637 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Sep 2014 12:15:21 +0200
638
bea9d5ab
DM		 639pve-firewall (1.0-7) unstable; urgency=low
640
641 * proxy host rule API calls to correct node
a34cfdd0
DM		 642
643 * always generate MAC and IP filter rules if firewall is enabled on NIC
bea9d5ab
DM		 644
645 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Jun 2014 07:12:57 +0200
646
582275c3
DM		 647pve-firewall (1.0-6) unstable; urgency=low
648
649 * ipmlement ipfilter ipsets
650
651 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jun 2014 08:37:08 +0200
652
de0c1e49
DM		 653pve-firewall (1.0-5) unstable; urgency=low
654
655 * remove ipsets when firewall disabled
656
657 -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 08:50:18 +0200
658
64c266f5
DM		 659pve-firewall (1.0-4) unstable; urgency=low
660
661 * depend on iptables and ipset
662
663 -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 06:45:33 +0200
664
16bcfa8b
DM		 665pve-firewall (1.0-3) unstable; urgency=low
666
667 * change dh_installinit order (register pvefw-logger before pve-firewall)
668
669 -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 06:24:21 +0200
670
ba0b3a0a
DM		 671pve-firewall (1.0-2) unstable; urgency=low
672
673 * add experimental nflog logging daemon
674
675 -- Proxmox Support Team <support@proxmox.com> Thu, 13 Mar 2014 08:27:01 +0100
676
bb272dd3
DM		 677pve-firewall (1.0-1) unstable; urgency=low
678
679 * initial package
680
681 -- Proxmox Support Team <support@proxmox.com> Mon, 03 Mar 2014 08:37:06 +0100
682
Firewall test scripts