]>
Commit | Line | Data |
---|---|---|
5ac03b1c WB |
1 | pve-firewall (4.0-8) pve; urgency=medium |
2 | ||
3 | * increase default nf_conntrack_max to the kernel's default | |
4 | ||
5 | * fix some "use of uninitialized value" warnings when updating CIDRs | |
6 | ||
7 | * update schema documentation | |
8 | ||
9 | * add explicit dependency on libpve-cluster-perl | |
10 | ||
11 | * add support for "raw" tables | |
12 | ||
13 | * add options for synflood protection for host firewall: | |
14 | - nf_conntrack_tcp_timeout_syn_recv | |
15 | - protection_synflood: boolean | |
16 | - protection_synflood_rate: SYN rate limit (default 200 per second) | |
17 | - protection_synflood_burst: SYN burst limit (default 1000) | |
18 | ||
19 | -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2019 13:48:20 +0100 | |
20 | ||
bd368955 FG |
21 | pve-firewall (4.0-7) pve; urgency=medium |
22 | ||
23 | * only add VM chains and rules if VM firewall is enabled | |
24 | ||
25 | -- Proxmox Support Team <support@proxmox.com> Wed, 7 Aug 2019 10:55:06 +0200 | |
26 | ||
c8f3e1ee TL |
27 | pve-firewall (4.0-6) pve; urgency=medium |
28 | ||
29 | * firewall macros: add new Ceph protocol v2 port while keeping v1 port | |
30 | ||
31 | -- Proxmox Support Team <support@proxmox.com> Tue, 23 Jul 2019 18:57:48 +0200 | |
32 | ||
6fc572dc TL |
33 | pve-firewall (4.0-5) pve; urgency=medium |
34 | ||
35 | * don't use any base path at all for calls to external binaries to make use | |
36 | compativle with bot, /usr merged and unmerged setups | |
37 | ||
38 | -- Proxmox Support Team <support@proxmox.com> Fri, 12 Jul 2019 11:47:53 +0200 | |
39 | ||
b1379400 TL |
40 | pve-firewall (4.0-4) pve; urgency=medium |
41 | ||
42 | * ebtables: remove PVE chains properly | |
43 | ||
44 | * ebtables: treat chain deletion as change | |
45 | ||
46 | * use /usr/sbin as base path | |
47 | ||
48 | -- Proxmox Support Team <support@proxmox.com> Thu, 11 Jul 2019 19:40:01 +0200 | |
49 | ||
9e01d77d TL |
50 | pve-firewall (4.0-3) pve; urgency=medium |
51 | ||
52 | * Create corosync firewall rules independently of localnet~ | |
53 | ||
54 | * Display corosync rule info on localnet call | |
55 | ||
56 | -- Proxmox Support Team <support@proxmox.com> Thu, 04 Jul 2019 15:56:11 +0200 | |
57 | ||
9429bd35 TL |
58 | pve-firewall (4.0-2) pve; urgency=medium |
59 | ||
60 | * fix systemd warning about PIDFile directory | |
61 | ||
62 | * fix CT rule generation with ipfilter set | |
63 | ||
64 | * pve-firewall service: update-alternative iptables and ebtables to working | |
65 | legacy versions | |
66 | ||
67 | -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 20:43:21 +0200 | |
68 | ||
6b9da9b0 TL |
69 | pve-firewall (4.0-1) pve; urgency=medium |
70 | ||
71 | * re-build for Debian Buster / PVE 6 | |
72 | ||
73 | -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 22:28:55 +0200 | |
74 | ||
dd7d737b TL |
75 | pve-firewall (3.0-21) unstable; urgency=medium |
76 | ||
77 | * fix ipv6 PVEFW-reject | |
78 | ||
79 | * fix #2193: arpfilter: CT: remove mask from net IP/CIDR to avoid | |
80 | ebtables doing the wrong thing here | |
81 | ||
82 | -- Proxmox Support Team <support@proxmox.com> Wed, 08 May 2019 10:09:31 +0000 | |
83 | ||
bbf77725 TL |
84 | pve-firewall (3.0-20) unstable; urgency=medium |
85 | ||
86 | * use IPCC to read config and rule files, if the are backed by pmxcfs which | |
87 | has better handling for pmxcfs restarts | |
88 | ||
89 | * fix #2178: endless loop on ipv6 extension headers | |
90 | ||
91 | -- Proxmox Support Team <support@proxmox.com> Fri, 19 Apr 2019 05:10:13 +0000 | |
92 | ||
baba607a TL |
93 | pve-firewall (3.0-19) unstable; urgency=medium |
94 | ||
95 | * ebtables: add arp filtering | |
96 | ||
97 | * fix: #2123 Logging of user defined firewall rules | |
98 | ||
99 | * fix Razor macro | |
100 | ||
101 | * allow to enable/disable and modify cluster wide log ratelimits | |
102 | ||
103 | -- Proxmox Support Team <support@proxmox.com> Tue, 02 Apr 2019 11:15:16 +0200 | |
104 | ||
d8ea08e3 TL |
105 | pve-firewall (3.0-18) unstable; urgency=medium |
106 | ||
107 | * fix #1606: Add nf_conntrack_allow_invalid option | |
108 | ||
109 | * log reject : add space after policy REJECT like drop | |
110 | ||
111 | * fix #1891: Add zsh command completion for pve-firewall | |
112 | ||
113 | -- Proxmox Support Team <support@proxmox.com> Mon, 04 Mar 2019 10:27:01 +0100 | |
114 | ||
91d88bc5 TL |
115 | pve-firewall (3.0-17) unstable; urgency=medium |
116 | ||
117 | * fix #2005: only allow ascii port digits | |
118 | ||
119 | * fix #2004: do not allow backwards ranges | |
120 | ||
121 | * add conntrack logging via libnetfilter_conntrack and allow one to enable | |
122 | it through the firewall host configuration | |
123 | ||
124 | -- Proxmox Support Team <support@proxmox.com> Wed, 09 Jan 2019 16:56:17 +0100 | |
125 | ||
81d13a9d TL |
126 | pve-firewall (3.0-16) unstable; urgency=medium |
127 | ||
128 | * api/rules: fix macro return type | |
129 | ||
130 | -- Proxmox Support Team <support@proxmox.com> Fri, 30 Nov 2018 16:02:59 +0100 | |
131 | ||
bed701bc TL |
132 | pve-firewall (3.0-15) unstable; urgency=medium |
133 | ||
134 | * fix #1971: display firewall rule properties | |
135 | ||
136 | -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:01:33 +0100 | |
137 | ||
a24b157b WB |
138 | pve-firewall (3.0-14) unstable; urgency=medium |
139 | ||
140 | * fix #1841: avoid ebtable reloads when containers have multiple network | |
141 | interfaces | |
142 | ||
143 | -- Proxmox Support Team <support@proxmox.com> Fri, 24 Aug 2018 10:51:04 +0200 | |
144 | ||
cf7dd94b WB |
145 | pve-firewall (3.0-13) unstable; urgency=medium |
146 | ||
147 | * avoid unnecessary reloads of ebtable ruleset | |
148 | ||
149 | -- Proxmox Support Team <support@proxmox.com> Thu, 28 Jun 2018 14:47:16 +0200 | |
150 | ||
dd03bf6e WB |
151 | pve-firewall (3.0-12) unstable; urgency=medium |
152 | ||
153 | * fix deleted iptables chains not being properly detected as a change | |
154 | ||
155 | -- Proxmox Support Team <support@proxmox.com> Tue, 12 Jun 2018 12:01:02 +0200 | |
156 | ||
587a0f20 | 157 | pve-firewall (3.0-11) unstable; urgency=medium |
a3a51dad TL |
158 | |
159 | * #1764: rename 'ebtales_enable' option to 'ebtables' | |
160 | ||
587a0f20 | 161 | -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2018 16:18:13 +0200 |
a3a51dad | 162 | |
423b86ef WB |
163 | pve-firewall (3.0-10) unstable; urgency=medium |
164 | ||
165 | * fix #1764: handle existing ebtables rules and allow disabling ebtables | |
166 | ||
167 | * ebtables handling can be disabled via /etc/pve/firewall/cluster.fw's new | |
168 | ebtables_enable option. | |
169 | ||
170 | -- Proxmox Support Team <support@proxmox.com> Tue, 29 May 2018 15:14:33 +0200 | |
171 | ||
567e58ce WB |
172 | pve-firewall (3.0-9) unstable; urgency=medium |
173 | ||
174 | * fix creation of ebltables FORWARD rule entry | |
175 | ||
176 | -- Proxmox Support Team <support@proxmox.com> Thu, 17 May 2018 14:41:27 +0200 | |
177 | ||
ea0d59ed WB |
178 | pve-firewall (3.0-8) unstable; urgency=medium |
179 | ||
180 | * add ebtables support for better MAC filtering | |
181 | ||
182 | -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2018 14:25:41 +0200 | |
183 | ||
9a19ec81 WB |
184 | pve-firewall (3.0-7) unstable; urgency=medium |
185 | ||
186 | * support distinct source and destination multi-port matching | |
187 | ||
188 | * multi-port matching: when specifying the same list of ports for source and | |
189 | destination require them both to match, rather than one of them, as this | |
190 | was rather unexpected behavior | |
191 | ||
192 | -- Proxmox Support Team <support@proxmox.com> Mon, 12 Mar 2018 14:58:08 +0100 | |
193 | ||
8c41d444 DM |
194 | pve-firewall (3.0-6) unstable; urgency=medium |
195 | ||
196 | * fix #1319: don't fail postinst with masked service | |
197 | ||
198 | * debian: switch to compat 9, drop init scripts, drop preinst | |
199 | ||
200 | * check multiport limit in port ranges | |
201 | ||
202 | * build: use git rev-parse for GITVERSION | |
203 | ||
204 | -- Proxmox Support Team <support@proxmox.com> Thu, 08 Mar 2018 13:53:11 +0100 | |
205 | ||
4299c35f WB |
206 | pve-firewall (3.0-5) unstable; urgency=medium |
207 | ||
208 | * fix issue with disabled flag not being honored within groups | |
209 | ||
210 | -- Proxmox Support Team <support@proxmox.com> Thu, 07 Dec 2017 08:31:42 +0100 | |
211 | ||
a19d4127 WB |
212 | pve-firewall (3.0-4) unstable; urgency=medium |
213 | ||
214 | * fix issues with ipsets reloading unnecessarily or too late | |
215 | ||
216 | * fix some typos in the logs | |
217 | ||
218 | -- Proxmox Support Team <support@proxmox.com> Thu, 16 Nov 2017 11:41:56 +0100 | |
219 | ||
c0c71b1b WB |
220 | pve-firewall (3.0-3) unstable; urgency=medium |
221 | ||
222 | * Fix #1492: logger: use current timestamp if the packet doesn't have one | |
223 | ||
224 | -- Proxmox Support Team <support@proxmox.com> Tue, 12 Sep 2017 14:43:06 +0200 | |
225 | ||
4f7a4bdd WB |
226 | pve-firewall (3.0-2) unstable; urgency=medium |
227 | ||
228 | * Fix #1446: remove masks in case the package had previously been removed but | |
229 | not purged. | |
230 | ||
231 | * improve logging on errors in the firewall configuration | |
232 | ||
233 | * forbid trailing commas in lists as iptables-restore doesn't support them | |
234 | ||
235 | -- Proxmox Support Team <support@proxmox.com> Mon, 17 Jul 2017 15:24:40 +0200 | |
236 | ||
29a94c79 FG |
237 | pve-firewall (3.0-1) unstable; urgency=medium |
238 | ||
239 | * rebuild for Debian Stretch | |
240 | ||
241 | -- Proxmox Support Team <support@proxmox.com> Thu, 9 Mar 2017 14:04:17 +0100 | |
242 | ||
df67a3dc DM |
243 | pve-firewall (2.0-33) unstable; urgency=medium |
244 | ||
245 | * ipset: don't allow zero-prefix entries | |
246 | ||
247 | -- Proxmox Support Team <support@proxmox.com> Tue, 29 Nov 2016 12:18:04 +0100 | |
248 | ||
dc643b4d DM |
249 | pve-firewall (2.0-32) unstable; urgency=medium |
250 | ||
251 | * improve search for local-network | |
252 | ||
253 | -- Proxmox Support Team <support@proxmox.com> Tue, 29 Nov 2016 06:35:08 +0100 | |
254 | ||
45f206fd DM |
255 | pve-firewall (2.0-31) unstable; urgency=medium |
256 | ||
257 | * don't try to apply ports to rules which don't support them | |
258 | ||
259 | -- Proxmox Support Team <support@proxmox.com> Thu, 06 Oct 2016 08:31:51 +0200 | |
260 | ||
2ea28d0c DM |
261 | pve-firewall (2.0-30) unstable; urgency=medium |
262 | ||
263 | * add multicast DNS to the list of Macros | |
264 | ||
265 | * add missing parameter descriptions | |
266 | ||
267 | * build-depends: add dh-systemd | |
268 | ||
269 | -- Proxmox Support Team <support@proxmox.com> Fri, 16 Sep 2016 08:53:16 +0200 | |
270 | ||
b65d13d9 DM |
271 | pve-firewall (2.0-29) unstable; urgency=medium |
272 | ||
273 | * prevent overwriting ipsets/sec. groups by renaming | |
274 | ||
275 | -- Proxmox Support Team <support@proxmox.com> Fri, 03 Jun 2016 16:46:10 +0200 | |
276 | ||
d0f3bb08 DM |
277 | pve-firewall (2.0-28) unstable; urgency=medium |
278 | ||
279 | * use pve-common's ipv4_mask_hash_localnet | |
280 | ||
5c53cde4 DC |
281 | * fix allowed group name length |
282 | ||
283 | * make group digest stable | |
284 | ||
d0f3bb08 DM |
285 | -- Proxmox Support Team <support@proxmox.com> Fri, 03 Jun 2016 11:01:47 +0200 |
286 | ||
76a57e1a DM |
287 | pve-firewall (2.0-27) unstable; urgency=medium |
288 | ||
289 | * fix #972: make PVEFW-FWBR-* rule order stable | |
290 | ||
291 | -- Proxmox Support Team <support@proxmox.com> Tue, 17 May 2016 07:59:52 +0200 | |
292 | ||
17642172 DM |
293 | pve-firewall (2.0-26) unstable; urgency=medium |
294 | ||
295 | * fix #988: set rp_filter=2 | |
296 | ||
297 | -- Proxmox Support Team <support@proxmox.com> Mon, 09 May 2016 10:01:28 +0200 | |
298 | ||
6e29af12 DM |
299 | pve-firewall (2.0-25) unstable; urgency=medium |
300 | ||
301 | * fix #945: add uninitialized check in lxc ipset compilation | |
302 | ||
303 | -- Proxmox Support Team <support@proxmox.com> Thu, 21 Apr 2016 09:58:33 +0200 | |
304 | ||
edb4aff5 DM |
305 | pve-firewall (2.0-24) unstable; urgency=medium |
306 | ||
307 | * Build-Depend on pve-doc-generator | |
308 | ||
309 | * generate manpage with pve-doc-generator | |
310 | ||
311 | -- Proxmox Support Team <support@proxmox.com> Wed, 06 Apr 2016 10:52:45 +0200 | |
312 | ||
e1158c15 DM |
313 | pve-firewall (2.0-23) unstable; urgency=medium |
314 | ||
315 | * use only the top bit for our accept marks | |
316 | ||
317 | -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:35:38 +0200 | |
318 | ||
5399f912 DM |
319 | pve-firewall (2.0-22) unstable; urgency=medium |
320 | ||
321 | * Use cfs_config_path from PVE::QemuConfig | |
322 | ||
323 | -- Proxmox Support Team <support@proxmox.com> Tue, 08 Mar 2016 11:47:40 +0100 | |
324 | ||
b9e73915 DM |
325 | pve-firewall (2.0-21) unstable; urgency=medium |
326 | ||
327 | * added new 'ipfilter' option | |
328 | ||
329 | -- Proxmox Support Team <support@proxmox.com> Thu, 03 Mar 2016 09:43:39 +0100 | |
330 | ||
e2a49003 DM |
331 | pve-firewall (2.0-20) unstable; urgency=medium |
332 | ||
333 | * fix 901: encode unicode characters in sha digest | |
334 | ||
335 | -- Proxmox Support Team <support@proxmox.com> Mon, 29 Feb 2016 12:40:14 +0100 | |
336 | ||
1d10f89a DM |
337 | pve-firewall (2.0-19) unstable; urgency=medium |
338 | ||
339 | * Add radv option to VM options | |
340 | ||
341 | -- Proxmox Support Team <support@proxmox.com> Sat, 27 Feb 2016 10:24:42 +0100 | |
342 | ||
666093cd DM |
343 | pve-firewall (2.0-18) unstable; urgency=medium |
344 | ||
345 | * Add ndp option to host and VM firewall options | |
346 | ||
347 | * Add router-solicitation to NeighborDiscovery macro | |
348 | ||
349 | -- Proxmox Support Team <support@proxmox.com> Fri, 19 Feb 2016 10:01:22 +0100 | |
350 | ||
eaf25885 DM |
351 | pve-firewall (2.0-17) unstable; urgency=medium |
352 | ||
353 | * Don't leave empty FW config files behind | |
354 | ||
355 | -- Proxmox Support Team <support@proxmox.com> Mon, 08 Feb 2016 14:09:24 +0100 | |
356 | ||
a177fb07 DM |
357 | pve-firewall (2.0-16) unstable; urgency=medium |
358 | ||
359 | * logger: basic ipv6 support | |
360 | ||
361 | * add DHCPv6 macro | |
362 | ||
363 | * add dhcpv6 support to the dhcp option | |
364 | ||
365 | -- Proxmox Support Team <support@proxmox.com> Tue, 26 Jan 2016 16:52:14 +0100 | |
366 | ||
ab1b8d3c DM |
367 | pve-firewall (2.0-15) unstable; urgency=medium |
368 | ||
369 | * fix bug #859: use $security_group_name_pattern in iptables_get_chains | |
370 | ||
371 | * fix some regular expressions mixups | |
372 | ||
373 | -- Proxmox Support Team <support@proxmox.com> Thu, 07 Jan 2016 16:33:23 +0100 | |
374 | ||
c9c8d7a3 DM |
375 | pve-firewall (2.0-14) unstable; urgency=medium |
376 | ||
377 | * fix systemd service dependencies | |
378 | ||
379 | -- Proxmox Support Team <support@proxmox.com> Fri, 27 Nov 2015 10:52:57 +0100 | |
380 | ||
aa818ae7 DM |
381 | pve-firewall (2.0-13) unstable; urgency=medium |
382 | ||
383 | * allow numeric icmp types | |
384 | ||
385 | -- Proxmox Support Team <support@proxmox.com> Fri, 23 Oct 2015 13:21:53 +0200 | |
386 | ||
8dbebe7d DM |
387 | pve-firewall (2.0-12) unstable; urgency=medium |
388 | ||
389 | * implement bash completions | |
390 | ||
391 | * convert pve-firewall into a PVE::Service class | |
392 | ||
393 | -- Proxmox Support Team <support@proxmox.com> Thu, 24 Sep 2015 12:15:00 +0200 | |
394 | ||
47704f4c DM |
395 | pve-firewall (2.0-11) unstable; urgency=medium |
396 | ||
397 | * iptables_get_chains: fix veth device name | |
398 | ||
399 | -- Proxmox Support Team <support@proxmox.com> Tue, 08 Sep 2015 07:54:35 +0200 | |
400 | ||
9eb84dc7 DM |
401 | pve-firewall (2.0-10) unstable; urgency=medium |
402 | ||
403 | * new helper: clone_vmfw_conf() | |
404 | ||
405 | -- Proxmox Support Team <support@proxmox.com> Tue, 25 Aug 2015 06:47:49 +0200 | |
406 | ||
a3d34dac DM |
407 | pve-firewall (2.0-9) unstable; urgency=medium |
408 | ||
409 | * remove firewall config file subroutine added | |
410 | ||
411 | -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:42:51 +0200 | |
412 | ||
2a42a237 DM |
413 | pve-firewall (2.0-8) unstable; urgency=medium |
414 | ||
415 | * adopt regresion tests for lxc containers | |
416 | ||
417 | * removed firewall code for openVZ | |
418 | ||
419 | * Subroutine verify_rule fixed to correctly check only for "net\d+" | |
420 | interface device names | |
421 | ||
422 | -- Proxmox Support Team <support@proxmox.com> Wed, 12 Aug 2015 12:01:43 +0200 | |
423 | ||
33448a6e DM |
424 | pve-firewall (2.0-7) unstable; urgency=medium |
425 | ||
426 | * added firewall code for lxc | |
427 | ||
428 | -- Proxmox Support Team <support@proxmox.com> Mon, 10 Aug 2015 09:21:14 +0200 | |
429 | ||
19f14465 DM |
430 | pve-firewall (2.0-6) unstable; urgency=medium |
431 | ||
432 | * firewall ipversion comparison fix | |
433 | ||
434 | -- Proxmox Support Team <support@proxmox.com> Tue, 04 Aug 2015 11:14:51 +0200 | |
435 | ||
8feec9fa DM |
436 | pve-firewall (2.0-5) unstable; urgency=medium |
437 | ||
438 | * add ipv6 neighbor discovery and solicitation macros | |
439 | ||
440 | * ip6tables accepts both spellings of the word neighbor | |
441 | ||
442 | * added Ceph macro | |
443 | ||
444 | -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:20:55 +0200 | |
445 | ||
e02c77aa DM |
446 | pve-firewall (2.0-4) unstable; urgency=medium |
447 | ||
448 | * include manual page for pve-firewall | |
449 | ||
450 | -- Proxmox Support Team <support@proxmox.com> Sat, 27 Jun 2015 16:26:28 +0200 | |
451 | ||
eb4a2902 DM |
452 | pve-firewall (2.0-3) unstable; urgency=medium |
453 | ||
454 | * use noawait trigers for pve-api-updates | |
455 | ||
456 | -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:33:06 +0200 | |
457 | ||
56bb2e69 DM |
458 | pve-firewall (2.0-2) unstable; urgency=medium |
459 | ||
460 | * trigger pve-api-updates event | |
461 | ||
462 | -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:10:24 +0200 | |
463 | ||
0b18ebe8 DM |
464 | pve-firewall (2.0-1) unstable; urgency=medium |
465 | ||
466 | * recompile for debian jessie | |
467 | ||
468 | -- Proxmox Support Team <support@proxmox.com> Fri, 27 Feb 2015 12:22:04 +0100 | |
469 | ||
609f00c7 DM |
470 | pve-firewall (1.0-18) unstable; urgency=low |
471 | ||
472 | * fix alias lookup | |
473 | ||
474 | -- Proxmox Support Team <support@proxmox.com> Mon, 09 Feb 2015 09:32:03 +0100 | |
475 | ||
de48e659 DM |
476 | pve-firewall (1.0-17) unstable; urgency=low |
477 | ||
478 | * fix restart behavior | |
479 | ||
480 | -- Proxmox Support Team <support@proxmox.com> Thu, 15 Jan 2015 06:45:58 +0100 | |
481 | ||
b92d2ed2 DM |
482 | pve-firewall (1.0-16) unstable; urgency=low |
483 | ||
484 | * use new Daemon class from pve-common | |
485 | ||
486 | -- Proxmox Support Team <support@proxmox.com> Thu, 18 Dec 2014 09:45:07 +0100 | |
487 | ||
22dde8d6 DM |
488 | pve-firewall (1.0-15) unstable; urgency=low |
489 | ||
490 | * bug fix: load cluster conf for host rules | |
491 | ||
492 | -- Proxmox Support Team <support@proxmox.com> Fri, 12 Dec 2014 06:33:28 +0100 | |
493 | ||
e33e2f16 DM |
494 | pve-firewall (1.0-14) unstable; urgency=low |
495 | ||
496 | * do not use ipset list chains | |
497 | ||
498 | * remove preinst script (not needed anymore) | |
499 | ||
500 | -- Proxmox Support Team <support@proxmox.com> Fri, 05 Dec 2014 13:42:00 +0100 | |
501 | ||
3bce273b DM |
502 | pve-firewall (1.0-13) unstable; urgency=low |
503 | ||
504 | * fix ipset remove order | |
505 | ||
506 | -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 12:45:48 +0100 | |
507 | ||
7a7c322c DM |
508 | pve-firewall (1.0-12) unstable; urgency=low |
509 | ||
510 | * add preinst script to clear ipset from older installation (because | |
511 | sets cannot be swapped if there type does not match. | |
ce41ae23 | 512 | |
7a7c322c DM |
513 | -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 08:59:38 +0100 |
514 | ||
1b918ee5 DM |
515 | pve-firewall (1.0-11) unstable; urgency=low |
516 | ||
517 | * bug fix: correctly set ipversion for aliases in verify_rule | |
518 | ||
519 | * save restore commands into files to make debugging | |
520 | easier (/var/lib/pve-firewall/) | |
521 | ||
522 | -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 08:04:05 +0100 | |
523 | ||
df617cea DM |
524 | pve-firewall (1.0-10) unstable; urgency=low |
525 | ||
526 | * add IPv6 support for VMs (hostfw is IPv4 only) | |
527 | ||
528 | -- Proxmox Support Team <support@proxmox.com> Wed, 26 Nov 2014 07:00:29 +0100 | |
529 | ||
0ac57570 DM |
530 | pve-firewall (1.0-9) unstable; urgency=low |
531 | ||
532 | * fix max ipset name name length | |
533 | ||
534 | -- Proxmox Support Team <support@proxmox.com> Tue, 14 Oct 2014 16:29:34 +0200 | |
535 | ||
05fd3b63 DM |
536 | pve-firewall (1.0-8) unstable; urgency=low |
537 | ||
538 | * implement permission | |
539 | ||
540 | -- Proxmox Support Team <support@proxmox.com> Mon, 08 Sep 2014 12:15:21 +0200 | |
541 | ||
bea9d5ab DM |
542 | pve-firewall (1.0-7) unstable; urgency=low |
543 | ||
544 | * proxy host rule API calls to correct node | |
a34cfdd0 DM |
545 | |
546 | * always generate MAC and IP filter rules if firewall is enabled on NIC | |
bea9d5ab DM |
547 | |
548 | -- Proxmox Support Team <support@proxmox.com> Thu, 26 Jun 2014 07:12:57 +0200 | |
549 | ||
582275c3 DM |
550 | pve-firewall (1.0-6) unstable; urgency=low |
551 | ||
552 | * ipmlement ipfilter ipsets | |
553 | ||
554 | -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jun 2014 08:37:08 +0200 | |
555 | ||
de0c1e49 DM |
556 | pve-firewall (1.0-5) unstable; urgency=low |
557 | ||
558 | * remove ipsets when firewall disabled | |
559 | ||
560 | -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 08:50:18 +0200 | |
561 | ||
64c266f5 DM |
562 | pve-firewall (1.0-4) unstable; urgency=low |
563 | ||
564 | * depend on iptables and ipset | |
565 | ||
566 | -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 06:45:33 +0200 | |
567 | ||
16bcfa8b DM |
568 | pve-firewall (1.0-3) unstable; urgency=low |
569 | ||
570 | * change dh_installinit order (register pvefw-logger before pve-firewall) | |
571 | ||
572 | -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 06:24:21 +0200 | |
573 | ||
ba0b3a0a DM |
574 | pve-firewall (1.0-2) unstable; urgency=low |
575 | ||
576 | * add experimental nflog logging daemon | |
577 | ||
578 | -- Proxmox Support Team <support@proxmox.com> Thu, 13 Mar 2014 08:27:01 +0100 | |
579 | ||
bb272dd3 DM |
580 | pve-firewall (1.0-1) unstable; urgency=low |
581 | ||
582 | * initial package | |
583 | ||
584 | -- Proxmox Support Team <support@proxmox.com> Mon, 03 Mar 2014 08:37:06 +0100 | |
585 |