projects
/
pve-firewall.git
/ history
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
bump version to 1.0-8
[pve-firewall.git]
/
src
/
2014-07-21
Dietmar Maurer
Firewall/IPSet: implement permission
tree
|
commitdiff
2014-07-21
Dietmar Maurer
Firewall/Rules: add permissions
tree
|
commitdiff
2014-07-21
Dietmar Maurer
Firewall/Groups: add permissions
tree
|
commitdiff
2014-07-21
Dietmar Maurer
Firewall/VM: add permissions
tree
|
commitdiff
2014-07-21
Dietmar Maurer
Firewall/Host: add permissions
tree
|
commitdiff
2014-07-21
Dietmar Maurer
Firewall/Cluster: add permissions
tree
|
commitdiff
2014-06-26
Dietmar Maurer
generate MAC and IP filter rules if firewall is enabled...
tree
|
commitdiff
2014-06-26
Dietmar Maurer
proxy host rule API calls to correct node
tree
|
commitdiff
2014-06-12
Dietmar Maurer
implement negative ipset match
tree
|
commitdiff
2014-06-12
Dietmar Maurer
use separate ipfilter ipset on each interface
tree
|
commitdiff
2014-06-11
Dietmar Maurer
add support for ipfilter ipset
tree
|
commitdiff
2014-06-04
Dietmar Maurer
generate /etc/pve/firewall directory automatically
tree
|
commitdiff
2014-06-04
Dietmar Maurer
avoid errors about undefined values
tree
|
commitdiff
2014-06-04
Dietmar Maurer
remove ipsets when firewall disabled
tree
|
commitdiff
2014-06-04
Dietmar Maurer
return empty ruleset if firewall disabled in cluster.fw
tree
|
commitdiff
2014-06-02
Dietmar Maurer
improve error message
tree
|
commitdiff
2014-06-02
Dietmar Maurer
generate warnings when we read the configuration file
tree
|
commitdiff
2014-05-30
Dietmar Maurer
pass ipset errors to GUI
tree
|
commitdiff
2014-05-30
Dietmar Maurer
skip non-existent aliases inside ipset configuration
tree
|
commitdiff
2014-05-30
Dietmar Maurer
remove dead code from previous commit
tree
|
commitdiff
2014-05-30
Dietmar Maurer
code cleanup - introcduce new method resolve_alias
tree
|
commitdiff
2014-05-30
Dietmar Maurer
cleanup: try to use more consistent method naming
tree
|
commitdiff
2014-05-30
Dietmar Maurer
API: add ability to restrict ref list to specified...
tree
|
commitdiff
2014-05-30
Dietmar Maurer
API fix: allow aliases in IPSets
tree
|
commitdiff
2014-05-30
Dietmar Maurer
parser: verify group and ipset names
tree
|
commitdiff
2014-05-28
Dietmar Maurer
implement API to get list of possible refs (aliases...
tree
|
commitdiff
2014-05-28
Dietmar Maurer
introduce ipset_name_pattern to avoid confusion
tree
|
commitdiff
2014-05-28
Dietmar Maurer
limit alias/ipset name length to 64 characters
tree
|
commitdiff
2014-05-28
Dietmar Maurer
fix ipset match - s/src/dst/
tree
|
commitdiff
2014-05-28
Dietmar Maurer
implement VM ipsets, allow long ipset names
tree
|
commitdiff
2014-05-28
Dietmar Maurer
always pass cluster_conf to load_vmfw_conf
tree
|
commitdiff
2014-05-27
Dietmar Maurer
implement ipsets for VM/CT
tree
|
commitdiff
2014-05-27
Dietmar Maurer
white space cleanup
tree
|
commitdiff
2014-05-27
Dietmar Maurer
implement aliases at VM level
tree
|
commitdiff
2014-05-27
Dietmar Maurer
fwtester.pl: add warnings to trace
tree
|
commitdiff
2014-05-27
Alexandre Derumier
optimize blacklist : create a PVEFW-blacklist chain
tree
|
commitdiff
2014-05-26
Dietmar Maurer
skip diabled rules and rules with errors early
tree
|
commitdiff
2014-05-26
Dietmar Maurer
ruleset_generate_vm_rules: skip rules with errors
tree
|
commitdiff
2014-05-26
Dietmar Maurer
improve rule verification
tree
|
commitdiff
2014-05-26
Dietmar Maurer
pass $rule_env (cluster/host/vm/ct) to rule parser.
tree
|
commitdiff
2014-05-23
Dietmar Maurer
improve error handling
tree
|
commitdiff
2014-05-23
Dietmar Maurer
allow to read rule with errors
tree
|
commitdiff
2014-05-22
Dietmar Maurer
close inotify handle before restart
tree
|
commitdiff
2014-05-21
Dietmar Maurer
improve rules API
tree
|
commitdiff
2014-05-21
Dietmar Maurer
fix API: property sport/dport requires protocol
tree
|
commitdiff
2014-05-21
Dietmar Maurer
fix test/test-errors3 - protect rule generation with...
tree
|
commitdiff
2014-05-21
Dietmar Maurer
allow igmp traffic
tree
|
commitdiff
2014-05-21
Dietmar Maurer
fix for test case test/test-errors1
tree
|
commitdiff
2014-05-21
Dietmar Maurer
use GET instead of POST for command that do not change...
tree
|
commitdiff
2014-05-21
Dietmar Maurer
add new localnet command
tree
|
commitdiff
2014-05-21
Dietmar Maurer
rename cluster_network to local_network, introduce...
tree
|
commitdiff
2014-05-21
Dietmar Maurer
Introduce new management ipset
tree
|
commitdiff
2014-05-21
Dietmar Maurer
do not use ctstate in corosync rule
tree
|
commitdiff
2014-05-20
Dietmar Maurer
start alias support for VMs
tree
|
commitdiff
2014-05-20
Dietmar Maurer
improve documentation
tree
|
commitdiff
2014-05-20
Dietmar Maurer
do not log simulate warnings to syslog
tree
|
commitdiff
2014-05-20
Dietmar Maurer
add simulate command for easy testing
tree
|
commitdiff
2014-05-20
Dietmar Maurer
move test code to FirewallSimulator.pm
tree
|
commitdiff
2014-05-20
Dietmar Maurer
do not enable VM firewall by default
tree
|
commitdiff
2014-05-20
Dietmar Maurer
allow tests without cluster.fw and host.fw configuration
tree
|
commitdiff
2014-05-20
Dietmar Maurer
also allow VNC and SPICE traffic inside cluster_network
tree
|
commitdiff
2014-05-20
Dietmar Maurer
do not use -s for outgoing corosync rules
tree
|
commitdiff
2014-05-20
Dietmar Maurer
implement setter for cluster_network
tree
|
commitdiff
2014-05-20
Dietmar Maurer
fix regression test for previous commits
tree
|
commitdiff
2014-05-20
Dietmar Maurer
use $accept_action for standard rules
tree
|
commitdiff
2014-05-20
Dietmar Maurer
add standard rules after user rules
tree
|
commitdiff
2014-05-20
Dietmar Maurer
fix corosync rules (restrict to cluster network)
tree
|
commitdiff
2014-05-20
Dietmar Maurer
remove wrong corosync rules using port 9000
tree
|
commitdiff
2014-05-19
Dietmar Maurer
allow API/SSH/SPICE/VNC traffic on local cluster networ...
tree
|
commitdiff
2014-05-19
Dietmar Maurer
remove unused options
tree
|
commitdiff
2014-05-19
Dietmar Maurer
add init function
tree
|
commitdiff
2014-05-19
Dietmar Maurer
avoid logs by default
tree
|
commitdiff
2014-05-19
Dietmar Maurer
remove unused parameters
tree
|
commitdiff
2014-05-19
Alexandre Derumier
birectionnal macros cleanups
tree
|
commitdiff
2014-05-19
Dietmar Maurer
change rule format: use named parameters
tree
|
commitdiff
2014-05-16
Dietmar Maurer
include manual page
tree
|
commitdiff
2014-05-16
Dietmar Maurer
cleanup firewall service implementation
tree
|
commitdiff
2014-05-16
Alexandre Derumier
bypass PVEFW-VENET-IN|OUT for unfirewalled venet0 ips
tree
|
commitdiff
2014-05-16
Dietmar Maurer
do not abort if security groups does not exists
tree
|
commitdiff
2014-05-15
Dietmar Maurer
fix security groups for VMs
tree
|
commitdiff
2014-05-15
Dietmar Maurer
correctly emit group rules for host
tree
|
commitdiff
2014-05-15
Dietmar Maurer
correctly use dest instead of source
tree
|
commitdiff
2014-05-15
Dietmar Maurer
allow GROUP rule without iface
tree
|
commitdiff
2014-05-15
Alexandre Derumier
only add tap rules for interface with firewall=1
tree
|
commitdiff
2014-05-14
Alexandre Derumier
fix interface in rules for host-in and host-out
tree
|
commitdiff
2014-05-14
Alexandre Derumier
move blacklist inside ruleset_chain_add_input_filters
tree
|
commitdiff
2014-05-14
Alexandre Derumier
remove optimize option
tree
|
commitdiff
2014-05-14
Dietmar Maurer
delete trailing whitespace cleanup
tree
|
commitdiff
2014-05-14
Alexandre Derumier
allow multiple spaces in venet0 ip list
tree
|
commitdiff
2014-05-14
Alexandre Derumier
rename link+ to fwln+
tree
|
commitdiff
2014-05-13
Alexandre Derumier
bugfix : allow multiples venet0 ip in 1 container
tree
|
commitdiff
2014-05-13
Alexandre Derumier
insert PVEFW-IPS after vm rules generation v2
tree
|
commitdiff
2014-05-13
Dietmar Maurer
allow to read config from test directory
tree
|
commitdiff
2014-05-13
Dietmar Maurer
use PVEFW-VENET-IN/OUT inside PVEFW-INPUT/OUTPUT chains
tree
|
commitdiff
2014-05-13
Dietmar Maurer
move nosmurfs, tcpflags and conntrack established outsi...
tree
|
commitdiff
2014-05-13
Dietmar Maurer
remove dead code
tree
|
commitdiff
2014-05-13
Dietmar Maurer
add PVEFW-VENET-IN && PVEFW-VENET-OUT chains
tree
|
commitdiff
2014-05-13
Dietmar Maurer
remove bridge chains
tree
|
commitdiff
2014-05-13
Dietmar Maurer
use hex digest to avoid url encoding problems
tree
|
commitdiff
2014-05-13
Dietmar Maurer
avoid error about undefined array
tree
|
commitdiff
next