rename pve-fw-v4addr-spec to pve-fw-addr-spec
[pve-firewall.git] / src /
2014-10-30 Dietmar Maurerrename pve-fw-v4addr-spec to pve-fw-addr-spec
2014-10-30 Alexandre Derumierparse_rules src && dst ipversion
2014-10-30 Dietmar Maurercleanup generate_std_chains: don't overwrite global...
2014-10-30 Alexandre Derumiermove $pve_std_chains to $pve_std_chains->{$ipversion}
2014-10-30 Alexandre Derumiersplit compile to compile_iptables_filter
2014-10-14 Dietmar Maurerfix max ipset name lenght
2014-07-21 Dietmar MaurerFirewall/IPSet: implement permission
2014-07-21 Dietmar MaurerFirewall/Rules: add permissions
2014-07-21 Dietmar MaurerFirewall/Groups: add permissions
2014-07-21 Dietmar MaurerFirewall/VM: add permissions
2014-07-21 Dietmar MaurerFirewall/Host: add permissions
2014-07-21 Dietmar MaurerFirewall/Cluster: add permissions
2014-06-26 Dietmar Maurergenerate MAC and IP filter rules if firewall is enabled...
2014-06-26 Dietmar Maurerproxy host rule API calls to correct node
2014-06-12 Dietmar Maurerimplement negative ipset match
2014-06-12 Dietmar Maureruse separate ipfilter ipset on each interface
2014-06-11 Dietmar Maureradd support for ipfilter ipset
2014-06-04 Dietmar Maurergenerate /etc/pve/firewall directory automatically
2014-06-04 Dietmar Maureravoid errors about undefined values
2014-06-04 Dietmar Maurerremove ipsets when firewall disabled
2014-06-04 Dietmar Maurerreturn empty ruleset if firewall disabled in cluster.fw
2014-06-02 Dietmar Maurerimprove error message
2014-06-02 Dietmar Maurergenerate warnings when we read the configuration file
2014-05-30 Dietmar Maurerpass ipset errors to GUI
2014-05-30 Dietmar Maurerskip non-existent aliases inside ipset configuration
2014-05-30 Dietmar Maurerremove dead code from previous commit
2014-05-30 Dietmar Maurercode cleanup - introcduce new method resolve_alias
2014-05-30 Dietmar Maurercleanup: try to use more consistent method naming
2014-05-30 Dietmar MaurerAPI: add ability to restrict ref list to specified...
2014-05-30 Dietmar MaurerAPI fix: allow aliases in IPSets
2014-05-30 Dietmar Maurerparser: verify group and ipset names
2014-05-28 Dietmar Maurerimplement API to get list of possible refs (aliases...
2014-05-28 Dietmar Maurerintroduce ipset_name_pattern to avoid confusion
2014-05-28 Dietmar Maurerlimit alias/ipset name length to 64 characters
2014-05-28 Dietmar Maurerfix ipset match - s/src/dst/
2014-05-28 Dietmar Maurerimplement VM ipsets, allow long ipset names
2014-05-28 Dietmar Maureralways pass cluster_conf to load_vmfw_conf
2014-05-27 Dietmar Maurerimplement ipsets for VM/CT
2014-05-27 Dietmar Maurerwhite space cleanup
2014-05-27 Dietmar Maurerimplement aliases at VM level
2014-05-27 Dietmar add warnings to trace
2014-05-27 Alexandre Derumieroptimize blacklist : create a PVEFW-blacklist chain
2014-05-26 Dietmar Maurerskip diabled rules and rules with errors early
2014-05-26 Dietmar Maurerruleset_generate_vm_rules: skip rules with errors
2014-05-26 Dietmar Maurerimprove rule verification
2014-05-26 Dietmar Maurerpass $rule_env (cluster/host/vm/ct) to rule parser.
2014-05-23 Dietmar Maurerimprove error handling
2014-05-23 Dietmar Maurerallow to read rule with errors
2014-05-22 Dietmar Maurerclose inotify handle before restart
2014-05-21 Dietmar Maurerimprove rules API
2014-05-21 Dietmar Maurerfix API: property sport/dport requires protocol
2014-05-21 Dietmar Maurerfix test/test-errors3 - protect rule generation with...
2014-05-21 Dietmar Maurerallow igmp traffic
2014-05-21 Dietmar Maurerfix for test case test/test-errors1
2014-05-21 Dietmar Maureruse GET instead of POST for command that do not change...
2014-05-21 Dietmar Maureradd new localnet command
2014-05-21 Dietmar Maurerrename cluster_network to local_network, introduce...
2014-05-21 Dietmar MaurerIntroduce new management ipset
2014-05-21 Dietmar Maurerdo not use ctstate in corosync rule
2014-05-20 Dietmar Maurerstart alias support for VMs
2014-05-20 Dietmar Maurerimprove documentation
2014-05-20 Dietmar Maurerdo not log simulate warnings to syslog
2014-05-20 Dietmar Maureradd simulate command for easy testing
2014-05-20 Dietmar Maurermove test code to
2014-05-20 Dietmar Maurerdo not enable VM firewall by default
2014-05-20 Dietmar Maurerallow tests without cluster.fw and host.fw configuration
2014-05-20 Dietmar Maureralso allow VNC and SPICE traffic inside cluster_network
2014-05-20 Dietmar Maurerdo not use -s for outgoing corosync rules
2014-05-20 Dietmar Maurerimplement setter for cluster_network
2014-05-20 Dietmar Maurerfix regression test for previous commits
2014-05-20 Dietmar Maureruse $accept_action for standard rules
2014-05-20 Dietmar Maureradd standard rules after user rules
2014-05-20 Dietmar Maurerfix corosync rules (restrict to cluster network)
2014-05-20 Dietmar Maurerremove wrong corosync rules using port 9000
2014-05-19 Dietmar Maurerallow API/SSH/SPICE/VNC traffic on local cluster networ...
2014-05-19 Dietmar Maurerremove unused options
2014-05-19 Dietmar Maureradd init function
2014-05-19 Dietmar Maureravoid logs by default
2014-05-19 Dietmar Maurerremove unused parameters
2014-05-19 Alexandre Derumierbirectionnal macros cleanups
2014-05-19 Dietmar Maurerchange rule format: use named parameters
2014-05-16 Dietmar Maurerinclude manual page
2014-05-16 Dietmar Maurercleanup firewall service implementation
2014-05-16 Alexandre Derumierbypass PVEFW-VENET-IN|OUT for unfirewalled venet0 ips
2014-05-16 Dietmar Maurerdo not abort if security groups does not exists
2014-05-15 Dietmar Maurerfix security groups for VMs
2014-05-15 Dietmar Maurercorrectly emit group rules for host
2014-05-15 Dietmar Maurercorrectly use dest instead of source
2014-05-15 Dietmar Maurerallow GROUP rule without iface
2014-05-15 Alexandre Derumieronly add tap rules for interface with firewall=1
2014-05-14 Alexandre Derumierfix interface in rules for host-in and host-out
2014-05-14 Alexandre Derumiermove blacklist inside ruleset_chain_add_input_filters
2014-05-14 Alexandre Derumierremove optimize option
2014-05-14 Dietmar Maurerdelete trailing whitespace cleanup
2014-05-14 Alexandre Derumierallow multiple spaces in venet0 ip list
2014-05-14 Alexandre Derumierrename link+ to fwln+
2014-05-13 Alexandre Derumierbugfix : allow multiples venet0 ip in 1 container
2014-05-13 Alexandre Derumierinsert PVEFW-IPS after vm rules generation v2
2014-05-13 Dietmar Maurerallow to read config from test directory
2014-05-13 Dietmar Maureruse PVEFW-VENET-IN/OUT inside PVEFW-INPUT/OUTPUT chains