projects / pve-firewall.git / blame
| Commit | Line | Data |
|---|---|---|
| b1379400 TL |
1 | pve-firewall (4.0-4) pve; urgency=medium |
| 2 | ||
| 3 | * ebtables: remove PVE chains properly | |
| 4 | ||
| 5 | * ebtables: treat chain deletion as change | |
| 6 | ||
| 7 | * use /usr/sbin as base path | |
| 8 | ||
| 9 | -- Proxmox Support Team <support@proxmox.com> Thu, 11 Jul 2019 19:40:01 +0200 | |
| 10 | ||
| 9e01d77d TL |
11 | pve-firewall (4.0-3) pve; urgency=medium |
| 12 | ||
| 13 | * Create corosync firewall rules independently of localnet~ | |
| 14 | ||
| 15 | * Display corosync rule info on localnet call | |
| 16 | ||
| 17 | -- Proxmox Support Team <support@proxmox.com> Thu, 04 Jul 2019 15:56:11 +0200 | |
| 18 | ||
| 9429bd35 TL |
19 | pve-firewall (4.0-2) pve; urgency=medium |
| 20 | ||
| 21 | * fix systemd warning about PIDFile directory | |
| 22 | ||
| 23 | * fix CT rule generation with ipfilter set | |
| 24 | ||
| 25 | * pve-firewall service: update-alternative iptables and ebtables to working | |
| 26 | legacy versions | |
| 27 | ||
| 28 | -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 20:43:21 +0200 | |
| 29 | ||
| 6b9da9b0 TL |
30 | pve-firewall (4.0-1) pve; urgency=medium |
| 31 | ||
| 32 | * re-build for Debian Buster / PVE 6 | |
| 33 | ||
| 34 | -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 22:28:55 +0200 | |
| 35 | ||
| dd7d737b TL |
36 | pve-firewall (3.0-21) unstable; urgency=medium |
| 37 | ||
| 38 | * fix ipv6 PVEFW-reject | |
| 39 | ||
| 40 | * fix #2193: arpfilter: CT: remove mask from net IP/CIDR to avoid | |
| 41 | ebtables doing the wrong thing here | |
| 42 | ||
| 43 | -- Proxmox Support Team <support@proxmox.com> Wed, 08 May 2019 10:09:31 +0000 | |
| 44 | ||
| bbf77725 TL |
45 | pve-firewall (3.0-20) unstable; urgency=medium |
| 46 | ||
| 47 | * use IPCC to read config and rule files, if the are backed by pmxcfs which | |
| 48 | has better handling for pmxcfs restarts | |
| 49 | ||
| 50 | * fix #2178: endless loop on ipv6 extension headers | |
| 51 | ||
| 52 | -- Proxmox Support Team <support@proxmox.com> Fri, 19 Apr 2019 05:10:13 +0000 | |
| 53 | ||
| baba607a TL |
54 | pve-firewall (3.0-19) unstable; urgency=medium |
| 55 | ||
| 56 | * ebtables: add arp filtering | |
| 57 | ||
| 58 | * fix: #2123 Logging of user defined firewall rules | |
| 59 | ||
| 60 | * fix Razor macro | |
| 61 | ||
| 62 | * allow to enable/disable and modify cluster wide log ratelimits | |
| 63 | ||
| 64 | -- Proxmox Support Team <support@proxmox.com> Tue, 02 Apr 2019 11:15:16 +0200 | |
| 65 | ||
| d8ea08e3 TL |
66 | pve-firewall (3.0-18) unstable; urgency=medium |
| 67 | ||
| 68 | * fix #1606: Add nf_conntrack_allow_invalid option | |
| 69 | ||
| 70 | * log reject : add space after policy REJECT like drop | |
| 71 | ||
| 72 | * fix #1891: Add zsh command completion for pve-firewall | |
| 73 | ||
| 74 | -- Proxmox Support Team <support@proxmox.com> Mon, 04 Mar 2019 10:27:01 +0100 | |
| 75 | ||
| 91d88bc5 TL |
76 | pve-firewall (3.0-17) unstable; urgency=medium |
| 77 | ||
| 78 | * fix #2005: only allow ascii port digits | |
| 79 | ||
| 80 | * fix #2004: do not allow backwards ranges | |
| 81 | ||
| 82 | * add conntrack logging via libnetfilter_conntrack and allow one to enable | |
| 83 | it through the firewall host configuration | |
| 84 | ||
| 85 | -- Proxmox Support Team <support@proxmox.com> Wed, 09 Jan 2019 16:56:17 +0100 | |
| 86 | ||
| 81d13a9d TL |
87 | pve-firewall (3.0-16) unstable; urgency=medium |
| 88 | ||
| 89 | * api/rules: fix macro return type | |
| 90 | ||
| 91 | -- Proxmox Support Team <support@proxmox.com> Fri, 30 Nov 2018 16:02:59 +0100 | |
| 92 | ||
| bed701bc TL |
93 | pve-firewall (3.0-15) unstable; urgency=medium |
| 94 | ||
| 95 | * fix #1971: display firewall rule properties | |
| 96 | ||
| 97 | -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:01:33 +0100 | |
| 98 | ||
| a24b157b WB |
99 | pve-firewall (3.0-14) unstable; urgency=medium |
| 100 | ||
| 101 | * fix #1841: avoid ebtable reloads when containers have multiple network | |
| 102 | interfaces | |
| 103 | ||
| 104 | -- Proxmox Support Team <support@proxmox.com> Fri, 24 Aug 2018 10:51:04 +0200 | |
| 105 | ||
| cf7dd94b WB |
106 | pve-firewall (3.0-13) unstable; urgency=medium |
| 107 | ||
| 108 | * avoid unnecessary reloads of ebtable ruleset | |
| 109 | ||
| 110 | -- Proxmox Support Team <support@proxmox.com> Thu, 28 Jun 2018 14:47:16 +0200 | |
| 111 | ||
| dd03bf6e WB |
112 | pve-firewall (3.0-12) unstable; urgency=medium |
| 113 | ||
| 114 | * fix deleted iptables chains not being properly detected as a change | |
| 115 | ||
| 116 | -- Proxmox Support Team <support@proxmox.com> Tue, 12 Jun 2018 12:01:02 +0200 | |
| 117 | ||
| 587a0f20 | 118 | pve-firewall (3.0-11) unstable; urgency=medium |
| a3a51dad TL |
119 | |
| 120 | * #1764: rename 'ebtales_enable' option to 'ebtables' | |
| 121 | ||
| 587a0f20 | 122 | -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2018 16:18:13 +0200 |
| a3a51dad | 123 | |
| 423b86ef WB |
124 | pve-firewall (3.0-10) unstable; urgency=medium |
| 125 | ||
| 126 | * fix #1764: handle existing ebtables rules and allow disabling ebtables | |
| 127 | ||
| 128 | * ebtables handling can be disabled via /etc/pve/firewall/cluster.fw's new | |
| 129 | ebtables_enable option. | |
| 130 | ||
| 131 | -- Proxmox Support Team <support@proxmox.com> Tue, 29 May 2018 15:14:33 +0200 | |
| 132 | ||
| 567e58ce WB |
133 | pve-firewall (3.0-9) unstable; urgency=medium |
| 134 | ||
| 135 | * fix creation of ebltables FORWARD rule entry | |
| 136 | ||
| 137 | -- Proxmox Support Team <support@proxmox.com> Thu, 17 May 2018 14:41:27 +0200 | |
| 138 | ||
| ea0d59ed WB |
139 | pve-firewall (3.0-8) unstable; urgency=medium |
| 140 | ||
| 141 | * add ebtables support for better MAC filtering | |
| 142 | ||
| 143 | -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2018 14:25:41 +0200 | |
| 144 | ||
| 9a19ec81 WB |
145 | pve-firewall (3.0-7) unstable; urgency=medium |
| 146 | ||
| 147 | * support distinct source and destination multi-port matching | |
| 148 | ||
| 149 | * multi-port matching: when specifying the same list of ports for source and | |
| 150 | destination require them both to match, rather than one of them, as this | |
| 151 | was rather unexpected behavior | |
| 152 | ||
| 153 | -- Proxmox Support Team <support@proxmox.com> Mon, 12 Mar 2018 14:58:08 +0100 | |
| 154 | ||
| 8c41d444 DM |
155 | pve-firewall (3.0-6) unstable; urgency=medium |
| 156 | ||
| 157 | * fix #1319: don't fail postinst with masked service | |
| 158 | ||
| 159 | * debian: switch to compat 9, drop init scripts, drop preinst | |
| 160 | ||
| 161 | * check multiport limit in port ranges | |
| 162 | ||
| 163 | * build: use git rev-parse for GITVERSION | |
| 164 | ||
| 165 | -- Proxmox Support Team <support@proxmox.com> Thu, 08 Mar 2018 13:53:11 +0100 | |
| 166 | ||
| 4299c35f WB |
167 | pve-firewall (3.0-5) unstable; urgency=medium |
| 168 | ||
| 169 | * fix issue with disabled flag not being honored within groups | |
| 170 | ||
| 171 | -- Proxmox Support Team <support@proxmox.com> Thu, 07 Dec 2017 08:31:42 +0100 | |
| 172 | ||
| a19d4127 WB |
173 | pve-firewall (3.0-4) unstable; urgency=medium |
| 174 | ||
| 175 | * fix issues with ipsets reloading unnecessarily or too late | |
| 176 | ||
| 177 | * fix some typos in the logs | |
| 178 | ||
| 179 | -- Proxmox Support Team <support@proxmox.com> Thu, 16 Nov 2017 11:41:56 +0100 | |
| 180 | ||
| c0c71b1b WB |
181 | pve-firewall (3.0-3) unstable; urgency=medium |
| 182 | ||
| 183 | * Fix #1492: logger: use current timestamp if the packet doesn't have one | |
| 184 | ||
| 185 | -- Proxmox Support Team <support@proxmox.com> Tue, 12 Sep 2017 14:43:06 +0200 | |
| 186 | ||
| 4f7a4bdd WB |
187 | pve-firewall (3.0-2) unstable; urgency=medium |
| 188 | ||
| 189 | * Fix #1446: remove masks in case the package had previously been removed but | |
| 190 | not purged. | |
| 191 | ||
| 192 | * improve logging on errors in the firewall configuration | |
| 193 | ||
| 194 | * forbid trailing commas in lists as iptables-restore doesn't support them | |
| 195 | ||
| 196 | -- Proxmox Support Team <support@proxmox.com> Mon, 17 Jul 2017 15:24:40 +0200 | |
| 197 | ||
| 29a94c79 FG |
198 | pve-firewall (3.0-1) unstable; urgency=medium |
| 199 | ||
| 200 | * rebuild for Debian Stretch | |
| 201 | ||
| 202 | -- Proxmox Support Team <support@proxmox.com> Thu, 9 Mar 2017 14:04:17 +0100 | |
| 203 | ||
| df67a3dc DM |
204 | pve-firewall (2.0-33) unstable; urgency=medium |
| 205 | ||
| 206 | * ipset: don't allow zero-prefix entries | |
| 207 | ||
| 208 | -- Proxmox Support Team <support@proxmox.com> Tue, 29 Nov 2016 12:18:04 +0100 | |
| 209 | ||
| dc643b4d DM |
210 | pve-firewall (2.0-32) unstable; urgency=medium |
| 211 | ||
| 212 | * improve search for local-network | |
| 213 | ||
| 214 | -- Proxmox Support Team <support@proxmox.com> Tue, 29 Nov 2016 06:35:08 +0100 | |
| 215 | ||
| 45f206fd DM |
216 | pve-firewall (2.0-31) unstable; urgency=medium |
| 217 | ||
| 218 | * don't try to apply ports to rules which don't support them | |
| 219 | ||
| 220 | -- Proxmox Support Team <support@proxmox.com> Thu, 06 Oct 2016 08:31:51 +0200 | |
| 221 | ||
| 2ea28d0c DM |
222 | pve-firewall (2.0-30) unstable; urgency=medium |
| 223 | ||
| 224 | * add multicast DNS to the list of Macros | |
| 225 | ||
| 226 | * add missing parameter descriptions | |
| 227 | ||
| 228 | * build-depends: add dh-systemd | |
| 229 | ||
| 230 | -- Proxmox Support Team <support@proxmox.com> Fri, 16 Sep 2016 08:53:16 +0200 | |
| 231 | ||
| b65d13d9 DM |
232 | pve-firewall (2.0-29) unstable; urgency=medium |
| 233 | ||
| 234 | * prevent overwriting ipsets/sec. groups by renaming | |
| 235 | ||
| 236 | -- Proxmox Support Team <support@proxmox.com> Fri, 03 Jun 2016 16:46:10 +0200 | |
| 237 | ||
| d0f3bb08 DM |
238 | pve-firewall (2.0-28) unstable; urgency=medium |
| 239 | ||
| 240 | * use pve-common's ipv4_mask_hash_localnet | |
| 241 | ||
| 5c53cde4 DC |
242 | * fix allowed group name length |
| 243 | ||
| 244 | * make group digest stable | |
| 245 | ||
| d0f3bb08 DM |
246 | -- Proxmox Support Team <support@proxmox.com> Fri, 03 Jun 2016 11:01:47 +0200 |
| 247 | ||
| 76a57e1a DM |
248 | pve-firewall (2.0-27) unstable; urgency=medium |
| 249 | ||
| 250 | * fix #972: make PVEFW-FWBR-* rule order stable | |
| 251 | ||
| 252 | -- Proxmox Support Team <support@proxmox.com> Tue, 17 May 2016 07:59:52 +0200 | |
| 253 | ||
| 17642172 DM |
254 | pve-firewall (2.0-26) unstable; urgency=medium |
| 255 | ||
| 256 | * fix #988: set rp_filter=2 | |
| 257 | ||
| 258 | -- Proxmox Support Team <support@proxmox.com> Mon, 09 May 2016 10:01:28 +0200 | |
| 259 | ||
| 6e29af12 DM |
260 | pve-firewall (2.0-25) unstable; urgency=medium |
| 261 | ||
| 262 | * fix #945: add uninitialized check in lxc ipset compilation | |
| 263 | ||
| 264 | -- Proxmox Support Team <support@proxmox.com> Thu, 21 Apr 2016 09:58:33 +0200 | |
| 265 | ||
| edb4aff5 DM |
266 | pve-firewall (2.0-24) unstable; urgency=medium |
| 267 | ||
| 268 | * Build-Depend on pve-doc-generator | |
| 269 | ||
| 270 | * generate manpage with pve-doc-generator | |
| 271 | ||
| 272 | -- Proxmox Support Team <support@proxmox.com> Wed, 06 Apr 2016 10:52:45 +0200 | |
| 273 | ||
| e1158c15 DM |
274 | pve-firewall (2.0-23) unstable; urgency=medium |
| 275 | ||
| 276 | * use only the top bit for our accept marks | |
| 277 | ||
| 278 | -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:35:38 +0200 | |
| 279 | ||
| 5399f912 DM |
280 | pve-firewall (2.0-22) unstable; urgency=medium |
| 281 | ||
| 282 | * Use cfs_config_path from PVE::QemuConfig | |
| 283 | ||
| 284 | -- Proxmox Support Team <support@proxmox.com> Tue, 08 Mar 2016 11:47:40 +0100 | |
| 285 | ||
| b9e73915 DM |
286 | pve-firewall (2.0-21) unstable; urgency=medium |
| 287 | ||
| 288 | * added new 'ipfilter' option | |
| 289 | ||
| 290 | -- Proxmox Support Team <support@proxmox.com> Thu, 03 Mar 2016 09:43:39 +0100 | |
| 291 | ||
| e2a49003 DM |
292 | pve-firewall (2.0-20) unstable; urgency=medium |
| 293 | ||
| 294 | * fix 901: encode unicode characters in sha digest | |
| 295 | ||
| 296 | -- Proxmox Support Team <support@proxmox.com> Mon, 29 Feb 2016 12:40:14 +0100 | |
| 297 | ||
| 1d10f89a DM |
298 | pve-firewall (2.0-19) unstable; urgency=medium |
| 299 | ||
| 300 | * Add radv option to VM options | |
| 301 | ||
| 302 | -- Proxmox Support Team <support@proxmox.com> Sat, 27 Feb 2016 10:24:42 +0100 | |
| 303 | ||
| 666093cd DM |
304 | pve-firewall (2.0-18) unstable; urgency=medium |
| 305 | ||
| 306 | * Add ndp option to host and VM firewall options | |
| 307 | ||
| 308 | * Add router-solicitation to NeighborDiscovery macro | |
| 309 | ||
| 310 | -- Proxmox Support Team <support@proxmox.com> Fri, 19 Feb 2016 10:01:22 +0100 | |
| 311 | ||
| eaf25885 DM |
312 | pve-firewall (2.0-17) unstable; urgency=medium |
| 313 | ||
| 314 | * Don't leave empty FW config files behind | |
| 315 | ||
| 316 | -- Proxmox Support Team <support@proxmox.com> Mon, 08 Feb 2016 14:09:24 +0100 | |
| 317 | ||
| a177fb07 DM |
318 | pve-firewall (2.0-16) unstable; urgency=medium |
| 319 | ||
| 320 | * logger: basic ipv6 support | |
| 321 | ||
| 322 | * add DHCPv6 macro | |
| 323 | ||
| 324 | * add dhcpv6 support to the dhcp option | |
| 325 | ||
| 326 | -- Proxmox Support Team <support@proxmox.com> Tue, 26 Jan 2016 16:52:14 +0100 | |
| 327 | ||
| ab1b8d3c DM |
328 | pve-firewall (2.0-15) unstable; urgency=medium |
| 329 | ||
| 330 | * fix bug #859: use $security_group_name_pattern in iptables_get_chains | |
| 331 | ||
| 332 | * fix some regular expressions mixups | |
| 333 | ||
| 334 | -- Proxmox Support Team <support@proxmox.com> Thu, 07 Jan 2016 16:33:23 +0100 | |
| 335 | ||
| c9c8d7a3 DM |
336 | pve-firewall (2.0-14) unstable; urgency=medium |
| 337 | ||
| 338 | * fix systemd service dependencies | |
| 339 | ||
| 340 | -- Proxmox Support Team <support@proxmox.com> Fri, 27 Nov 2015 10:52:57 +0100 | |
| 341 | ||
| aa818ae7 DM |
342 | pve-firewall (2.0-13) unstable; urgency=medium |
| 343 | ||
| 344 | * allow numeric icmp types | |
| 345 | ||
| 346 | -- Proxmox Support Team <support@proxmox.com> Fri, 23 Oct 2015 13:21:53 +0200 | |
| 347 | ||
| 8dbebe7d DM |
348 | pve-firewall (2.0-12) unstable; urgency=medium |
| 349 | ||
| 350 | * implement bash completions | |
| 351 | ||
| 352 | * convert pve-firewall into a PVE::Service class | |
| 353 | ||
| 354 | -- Proxmox Support Team <support@proxmox.com> Thu, 24 Sep 2015 12:15:00 +0200 | |
| 355 | ||
| 47704f4c DM |
356 | pve-firewall (2.0-11) unstable; urgency=medium |
| 357 | ||
| 358 | * iptables_get_chains: fix veth device name | |
| 359 | ||
| 360 | -- Proxmox Support Team <support@proxmox.com> Tue, 08 Sep 2015 07:54:35 +0200 | |
| 361 | ||
| 9eb84dc7 DM |
362 | pve-firewall (2.0-10) unstable; urgency=medium |
| 363 | ||
| 364 | * new helper: clone_vmfw_conf() | |
| 365 | ||
| 366 | -- Proxmox Support Team <support@proxmox.com> Tue, 25 Aug 2015 06:47:49 +0200 | |
| 367 | ||
| a3d34dac DM |
368 | pve-firewall (2.0-9) unstable; urgency=medium |
| 369 | ||
| 370 | * remove firewall config file subroutine added | |
| 371 | ||
| 372 | -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:42:51 +0200 | |
| 373 | ||
| 2a42a237 DM |
374 | pve-firewall (2.0-8) unstable; urgency=medium |
| 375 | ||
| 376 | * adopt regresion tests for lxc containers | |
| 377 | ||
| 378 | * removed firewall code for openVZ | |
| 379 | ||
| 380 | * Subroutine verify_rule fixed to correctly check only for "net\d+" | |
| 381 | interface device names | |
| 382 | ||
| 383 | -- Proxmox Support Team <support@proxmox.com> Wed, 12 Aug 2015 12:01:43 +0200 | |
| 384 | ||
| 33448a6e DM |
385 | pve-firewall (2.0-7) unstable; urgency=medium |
| 386 | ||
| 387 | * added firewall code for lxc | |
| 388 | ||
| 389 | -- Proxmox Support Team <support@proxmox.com> Mon, 10 Aug 2015 09:21:14 +0200 | |
| 390 | ||
| 19f14465 DM |
391 | pve-firewall (2.0-6) unstable; urgency=medium |
| 392 | ||
| 393 | * firewall ipversion comparison fix | |
| 394 | ||
| 395 | -- Proxmox Support Team <support@proxmox.com> Tue, 04 Aug 2015 11:14:51 +0200 | |
| 396 | ||
| 8feec9fa DM |
397 | pve-firewall (2.0-5) unstable; urgency=medium |
| 398 | ||
| 399 | * add ipv6 neighbor discovery and solicitation macros | |
| 400 | ||
| 401 | * ip6tables accepts both spellings of the word neighbor | |
| 402 | ||
| 403 | * added Ceph macro | |
| 404 | ||
| 405 | -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:20:55 +0200 | |
| 406 | ||
| e02c77aa DM |
407 | pve-firewall (2.0-4) unstable; urgency=medium |
| 408 | ||
| 409 | * include manual page for pve-firewall | |
| 410 | ||
| 411 | -- Proxmox Support Team <support@proxmox.com> Sat, 27 Jun 2015 16:26:28 +0200 | |
| 412 | ||
| eb4a2902 DM |
413 | pve-firewall (2.0-3) unstable; urgency=medium |
| 414 | ||
| 415 | * use noawait trigers for pve-api-updates | |
| 416 | ||
| 417 | -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:33:06 +0200 | |
| 418 | ||
| 56bb2e69 DM |
419 | pve-firewall (2.0-2) unstable; urgency=medium |
| 420 | ||
| 421 | * trigger pve-api-updates event | |
| 422 | ||
| 423 | -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:10:24 +0200 | |
| 424 | ||
| 0b18ebe8 DM |
425 | pve-firewall (2.0-1) unstable; urgency=medium |
| 426 | ||
| 427 | * recompile for debian jessie | |
| 428 | ||
| 429 | -- Proxmox Support Team <support@proxmox.com> Fri, 27 Feb 2015 12:22:04 +0100 | |
| 430 | ||
| 609f00c7 DM |
431 | pve-firewall (1.0-18) unstable; urgency=low |
| 432 | ||
| 433 | * fix alias lookup | |
| 434 | ||
| 435 | -- Proxmox Support Team <support@proxmox.com> Mon, 09 Feb 2015 09:32:03 +0100 | |
| 436 | ||
| de48e659 DM |
437 | pve-firewall (1.0-17) unstable; urgency=low |
| 438 | ||
| 439 | * fix restart behavior | |
| 440 | ||
| 441 | -- Proxmox Support Team <support@proxmox.com> Thu, 15 Jan 2015 06:45:58 +0100 | |
| 442 | ||
| b92d2ed2 DM |
443 | pve-firewall (1.0-16) unstable; urgency=low |
| 444 | ||
| 445 | * use new Daemon class from pve-common | |
| 446 | ||
| 447 | -- Proxmox Support Team <support@proxmox.com> Thu, 18 Dec 2014 09:45:07 +0100 | |
| 448 | ||
| 22dde8d6 DM |
449 | pve-firewall (1.0-15) unstable; urgency=low |
| 450 | ||
| 451 | * bug fix: load cluster conf for host rules | |
| 452 | ||
| 453 | -- Proxmox Support Team <support@proxmox.com> Fri, 12 Dec 2014 06:33:28 +0100 | |
| 454 | ||
| e33e2f16 DM |
455 | pve-firewall (1.0-14) unstable; urgency=low |
| 456 | ||
| 457 | * do not use ipset list chains | |
| 458 | ||
| 459 | * remove preinst script (not needed anymore) | |
| 460 | ||
| 461 | -- Proxmox Support Team <support@proxmox.com> Fri, 05 Dec 2014 13:42:00 +0100 | |
| 462 | ||
| 3bce273b DM |
463 | pve-firewall (1.0-13) unstable; urgency=low |
| 464 | ||
| 465 | * fix ipset remove order | |
| 466 | ||
| 467 | -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 12:45:48 +0100 | |
| 468 | ||
| 7a7c322c DM |
469 | pve-firewall (1.0-12) unstable; urgency=low |
| 470 | ||
| 471 | * add preinst script to clear ipset from older installation (because | |
| 472 | sets cannot be swapped if there type does not match. | |
| ce41ae23 | 473 | |
| 7a7c322c DM |
474 | -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 08:59:38 +0100 |
| 475 | ||
| 1b918ee5 DM |
476 | pve-firewall (1.0-11) unstable; urgency=low |
| 477 | ||
| 478 | * bug fix: correctly set ipversion for aliases in verify_rule | |
| 479 | ||
| 480 | * save restore commands into files to make debugging | |
| 481 | easier (/var/lib/pve-firewall/) | |
| 482 | ||
| 483 | -- Proxmox Support Team <support@proxmox.com> Fri, 28 Nov 2014 08:04:05 +0100 | |
| 484 | ||
| df617cea DM |
485 | pve-firewall (1.0-10) unstable; urgency=low |
| 486 | ||
| 487 | * add IPv6 support for VMs (hostfw is IPv4 only) | |
| 488 | ||
| 489 | -- Proxmox Support Team <support@proxmox.com> Wed, 26 Nov 2014 07:00:29 +0100 | |
| 490 | ||
| 0ac57570 DM |
491 | pve-firewall (1.0-9) unstable; urgency=low |
| 492 | ||
| 493 | * fix max ipset name name length | |
| 494 | ||
| 495 | -- Proxmox Support Team <support@proxmox.com> Tue, 14 Oct 2014 16:29:34 +0200 | |
| 496 | ||
| 05fd3b63 DM |
497 | pve-firewall (1.0-8) unstable; urgency=low |
| 498 | ||
| 499 | * implement permission | |
| 500 | ||
| 501 | -- Proxmox Support Team <support@proxmox.com> Mon, 08 Sep 2014 12:15:21 +0200 | |
| 502 | ||
| bea9d5ab DM |
503 | pve-firewall (1.0-7) unstable; urgency=low |
| 504 | ||
| 505 | * proxy host rule API calls to correct node | |
| a34cfdd0 DM |
506 | |
| 507 | * always generate MAC and IP filter rules if firewall is enabled on NIC | |
| bea9d5ab DM |
508 | |
| 509 | -- Proxmox Support Team <support@proxmox.com> Thu, 26 Jun 2014 07:12:57 +0200 | |
| 510 | ||
| 582275c3 DM |
511 | pve-firewall (1.0-6) unstable; urgency=low |
| 512 | ||
| 513 | * ipmlement ipfilter ipsets | |
| 514 | ||
| 515 | -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jun 2014 08:37:08 +0200 | |
| 516 | ||
| de0c1e49 DM |
517 | pve-firewall (1.0-5) unstable; urgency=low |
| 518 | ||
| 519 | * remove ipsets when firewall disabled | |
| 520 | ||
| 521 | -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 08:50:18 +0200 | |
| 522 | ||
| 64c266f5 DM |
523 | pve-firewall (1.0-4) unstable; urgency=low |
| 524 | ||
| 525 | * depend on iptables and ipset | |
| 526 | ||
| 527 | -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 06:45:33 +0200 | |
| 528 | ||
| 16bcfa8b DM |
529 | pve-firewall (1.0-3) unstable; urgency=low |
| 530 | ||
| 531 | * change dh_installinit order (register pvefw-logger before pve-firewall) | |
| 532 | ||
| 533 | -- Proxmox Support Team <support@proxmox.com> Wed, 04 Jun 2014 06:24:21 +0200 | |
| 534 | ||
| ba0b3a0a DM |
535 | pve-firewall (1.0-2) unstable; urgency=low |
| 536 | ||
| 537 | * add experimental nflog logging daemon | |
| 538 | ||
| 539 | -- Proxmox Support Team <support@proxmox.com> Thu, 13 Mar 2014 08:27:01 +0100 | |
| 540 | ||
| bb272dd3 DM |
541 | pve-firewall (1.0-1) unstable; urgency=low |
| 542 | ||
| 543 | * initial package | |
| 544 | ||
| 545 | -- Proxmox Support Team <support@proxmox.com> Mon, 03 Mar 2014 08:37:06 +0100 | |
| 546 |