projects
/
pve-firewall.git
/ history
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
ebtables: sort guest chains during rulecreation
[pve-firewall.git]
/
src
/
PVE
/
Firewall.pm
2018-06-28
Stoiko Ivanov
ebtables: sort guest chains during rulecreation
blob
|
commitdiff
|
raw
2018-06-18
Wolfgang Bumiller
whitespace fixup
blob
|
commitdiff
|
raw
|
diff to current
2018-06-12
Wolfgang Bumiller
fixup active_chains distinction when deleting chains
blob
|
commitdiff
|
raw
|
diff to current
2018-06-06
Stoiko Ivanov
rename ebtables_enable to ebtables
blob
|
commitdiff
|
raw
|
diff to current
2018-05-29
Wolfgang Bumiller
typo fixup
blob
|
commitdiff
|
raw
|
diff to current
2018-05-29
Stoiko Ivanov
Don't change external ebtables rules
blob
|
commitdiff
|
raw
|
diff to current
2018-05-17
Wolfgang Bumiller
fix PVEFW-FORWARD chain not being used
blob
|
commitdiff
|
raw
|
diff to current
2018-03-29
Wolfgang Bumiller
ebtables_get_chains: deal with empty chains
blob
|
commitdiff
|
raw
|
diff to current
2018-03-28
Wolfgang Bumiller
avoid double spaces in ruleset_addrule
blob
|
commitdiff
|
raw
|
diff to current
2018-03-28
Alexandre Derumier
apply ebtables_ruleset
blob
|
commitdiff
|
raw
|
diff to current
2018-03-28
Alexandre Derumier
compile ebtables rules
blob
|
commitdiff
|
raw
|
diff to current
2018-03-28
Wolfgang Bumiller
/etc/services can also define 'sctp' services
blob
|
commitdiff
|
raw
|
diff to current
2018-03-28
Wolfgang Bumiller
add get_etc_ethertypes
blob
|
commitdiff
|
raw
|
diff to current
2018-03-28
Wolfgang Bumiller
parse_protocol_file: support lines without end comments
blob
|
commitdiff
|
raw
|
diff to current
2018-03-28
Wolfgang Bumiller
split parser out of get_etc_protocols
blob
|
commitdiff
|
raw
|
diff to current
2018-03-12
Fabian Grünbichler
multiport: add explaining comment
blob
|
commitdiff
|
raw
|
diff to current
2018-03-12
Wolfgang Bumiller
fix and improve multiport handling
blob
|
commitdiff
|
raw
|
diff to current
2018-03-08
Wolfgang Bumiller
check multiport limit in port ranges
blob
|
commitdiff
|
raw
|
diff to current
2017-12-07
Wolfgang Bumiller
honor disabled flag on group rules again
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
remove ruleset_generate_match, ruleset_generate_action
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
remove unused ruleset_generate_rule_insert
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
cleanup parameters to ruleset_generate_rule
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
rule_substitude_action, remove ruleset_generate_rule_old
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
remove unused ruleset_generate_cmdstr
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
implement ipt_rule_to_cmds, ruleset_add_ipt_cmd
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
iptables address matching in own subroutine
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
eliminate unused nbdport in pve_std_chains_conf
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
make $pve_std_chains a copy of $pve_std_chains_conf
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
convert string based rule definitions to hashes
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
integrate logging into ruleset_addrule
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
prepare code for more generic firewall logging
blob
|
commitdiff
|
raw
|
diff to current
2017-10-19
Tom Weber
remove unused $rule_format
blob
|
commitdiff
|
raw
|
diff to current
2017-04-10
Wolfgang Bumiller
log errors encountered by the daemon to syslog
blob
|
commitdiff
|
raw
|
diff to current
2017-04-10
Wolfgang Bumiller
forbid trailing commas in lists
blob
|
commitdiff
|
raw
|
diff to current
2016-11-29
Wolfgang Bumiller
ipsets: catch zero-prefix entries
blob
|
commitdiff
|
raw
|
diff to current
2016-11-29
Wolfgang Bumiller
improve search for local-network
blob
|
commitdiff
|
raw
|
diff to current
2016-10-06
Wolfgang Bumiller
don't try to apply ports to rules which don't support...
blob
|
commitdiff
|
raw
|
diff to current
2016-10-06
Wolfgang Bumiller
remove redundant checks
blob
|
commitdiff
|
raw
|
diff to current
2016-09-06
Emmanuel Kasper
add multicast DNS to the list of Macros
blob
|
commitdiff
|
raw
|
diff to current
2016-09-05
Dietmar Maurer
add missing parameter descriptions
blob
|
commitdiff
|
raw
|
diff to current
2016-06-03
Dominik Csapak
fix allowed group name length
blob
|
commitdiff
|
raw
|
diff to current
2016-06-03
Wolfgang Bumiller
use pve-common's ipv4_mask_hash_localnet
blob
|
commitdiff
|
raw
|
diff to current
2016-05-17
Fabian Grünbichler
fix #972: make PVEFW-FWBR-* rule order stable
blob
|
commitdiff
|
raw
|
diff to current
2016-04-21
Fabian Grünbichler
fix #945: add uninitialized check in lxc ipset compilation
blob
|
commitdiff
|
raw
|
diff to current
2016-04-01
Dietmar Maurer
move option definition to PVE::Firewall
blob
|
commitdiff
|
raw
|
diff to current
2016-04-01
Wolfgang Bumiller
use only the top bit for our accept marks
blob
|
commitdiff
|
raw
|
diff to current
2016-04-01
Dietmar Maurer
add description to DHCPv6 macro
blob
|
commitdiff
|
raw
|
diff to current
2016-03-31
Dietmar Maurer
cleanup descriptions (use single quote instead of backt...
blob
|
commitdiff
|
raw
|
diff to current
2016-03-31
Dietmar Maurer
cleanup descriptions (correctly quote backslash)
blob
|
commitdiff
|
raw
|
diff to current
2016-03-31
Dietmar Maurer
add property descriptions to improve docs
blob
|
commitdiff
|
raw
|
diff to current
2016-03-08
Fabian Grünbichler
Use cfs_config_path from PVE::QemuConfig
blob
|
commitdiff
|
raw
|
diff to current
2016-03-03
Fabian Grünbichler
LXC refactoring
blob
|
commitdiff
|
raw
|
diff to current
2016-03-03
Wolfgang Bumiller
whitespace cleanup
blob
|
commitdiff
|
raw
|
diff to current
2016-03-03
Wolfgang Bumiller
ipfilter: include configured container IPs by default
blob
|
commitdiff
|
raw
|
diff to current
2016-03-03
Wolfgang Bumiller
added the 'ipfilter' option
blob
|
commitdiff
|
raw
|
diff to current
2016-03-02
Wolfgang Bumiller
ipv6: fix ip_compress_address_call
blob
|
commitdiff
|
raw
|
diff to current
2016-03-02
Wolfgang Bumiller
ipfilter: imiplicitly add the default link local address
blob
|
commitdiff
|
raw
|
diff to current
2016-03-02
Wolfgang Bumiller
split compile_ipsets() out of compile_iptables_filter()
blob
|
commitdiff
|
raw
|
diff to current
2016-03-02
Wolfgang Bumiller
cleanup after old change
blob
|
commitdiff
|
raw
|
diff to current
2016-03-02
Wolfgang Bumiller
ndp: use PVEFW-SET-ACCEPT-MARK and move rules further...
blob
|
commitdiff
|
raw
|
diff to current
2016-03-02
Wolfgang Bumiller
only allow icmp names in the destination port field
blob
|
commitdiff
|
raw
|
diff to current
2016-02-29
Dominik Csapak
fix 901: encode unicode characters in sha digest
blob
|
commitdiff
|
raw
|
diff to current
2016-02-27
Wolfgang Bumiller
Add radv option to VM options.
blob
|
commitdiff
|
raw
|
diff to current
2016-02-19
Wolfgang Bumiller
Add router-solicitation to NeighborDiscovery macro
blob
|
commitdiff
|
raw
|
diff to current
2016-02-19
Wolfgang Bumiller
Add ndp option to host and VM firewall options
blob
|
commitdiff
|
raw
|
diff to current
2016-02-08
Fabian Grünbichler
Don't leave empty FW config files behind
blob
|
commitdiff
|
raw
|
diff to current
2016-01-26
Wolfgang Bumiller
add DHCPv6 macro
blob
|
commitdiff
|
raw
|
diff to current
2016-01-26
Wolfgang Bumiller
add dhcpv6 support to the dhcp option
blob
|
commitdiff
|
raw
|
diff to current
2016-01-07
Wolfgang Bumiller
use $security_group_name_pattern in iptables_get_chains
blob
|
commitdiff
|
raw
|
diff to current
2016-01-07
Wolfgang Bumiller
fix some regular expressions mixups
blob
|
commitdiff
|
raw
|
diff to current
2015-10-23
Wolfgang Bumiller
allow numeric icmp types
blob
|
commitdiff
|
raw
|
diff to current
2015-09-16
Dietmar Maurer
add better inline documentation
blob
|
commitdiff
|
raw
|
diff to current
2015-09-08
Dietmar Maurer
iptables_get_chains: fix veth device name
blob
|
commitdiff
|
raw
|
diff to current
2015-08-25
Alen Grizonic
subroutine for cloning vm's firewall config file
blob
|
commitdiff
|
raw
|
diff to current
2015-08-19
Alen Grizonic
firewall remove config file subroutine added
blob
|
commitdiff
|
raw
|
diff to current
2015-08-12
Alen Grizonic
removed firewall code for openVZ
blob
|
commitdiff
|
raw
|
diff to current
2015-08-10
Alen Grizonic
added firewall code for lxc
blob
|
commitdiff
|
raw
|
diff to current
2015-08-04
Alen Grizonic
firewall ipversion comparison fix
blob
|
commitdiff
|
raw
|
diff to current
2015-07-28
Wolfgang Bumiller
local_network: ipv6 support + correctness
blob
|
commitdiff
|
raw
|
diff to current
2015-07-28
Wolfgang Bumiller
fix ipv6 address normalization
blob
|
commitdiff
|
raw
|
diff to current
2015-07-23
Wolfgang Bumiller
ipv6 neighbor discovery and solicitation macros
blob
|
commitdiff
|
raw
|
diff to current
2015-07-23
Wolfgang Bumiller
Add ipv6 macros to the macro list
blob
|
commitdiff
|
raw
|
diff to current
2015-07-23
Wolfgang Bumiller
ip6tables accepts both spellings of the word neighbor
blob
|
commitdiff
|
raw
|
diff to current
2015-07-22
Alen Grizonic
firewall - Ceph macro added
blob
|
commitdiff
|
raw
|
diff to current
2015-06-26
Alen Grizonic
firewall_module_duplicate
blob
|
commitdiff
|
raw
|
diff to current
2015-06-26
Alen Grizonic
firewall autodisable
blob
|
commitdiff
|
raw
|
diff to current
2015-03-16
Dietmar Maurer
always use local_network alias if specified by user
blob
|
commitdiff
|
raw
|
diff to current
2015-03-15
Dietmar Maurer
correctly emit ipv6 rules for host firewall
blob
|
commitdiff
|
raw
|
diff to current
2015-02-27
Dietmar Maurer
fix path to ipset binary
blob
|
commitdiff
|
raw
|
diff to current
2015-02-09
Dietmar Maurer
fix alias lookup
blob
|
commitdiff
|
raw
|
diff to current
2014-12-12
Alexandre Derumier
firewall update : load cluster conf for host rules
blob
|
commitdiff
|
raw
|
diff to current
2014-12-05
Dietmar Maurer
do not use ipset list chains
blob
|
commitdiff
|
raw
|
diff to current
2014-11-28
Dietmar Maurer
fix ipset remove order
blob
|
commitdiff
|
raw
|
diff to current
2014-11-28
Dietmar Maurer
verify_rule: correctly set ipversion for aliases
blob
|
commitdiff
|
raw
|
diff to current
2014-11-28
Dietmar Maurer
save restore commands into files (debug help)
blob
|
commitdiff
|
raw
|
diff to current
2014-11-17
Dietmar Maurer
API2::Firewall::IPSet: fix alias check for ipv6 addresses
blob
|
commitdiff
|
raw
|
diff to current
2014-11-10
Dietmar Maurer
get_ipset_cmdlist: avoid restore problems due to wrong...
blob
|
commitdiff
|
raw
|
diff to current
2014-11-10
Dietmar Maurer
improve error messages
blob
|
commitdiff
|
raw
|
diff to current
2014-11-10
Dietmar Maurer
do not emit smurfs chain for ipv6
blob
|
commitdiff
|
raw
|
diff to current
2014-11-10
Dietmar Maurer
ipv6 addrtype does not work with kernel 2.6.32, use...
blob
|
commitdiff
|
raw
|
diff to current
next