cleanup firewall service implementation
[pve-firewall.git] / src /
2014-05-16 Dietmar Maurercleanup firewall service implementation
2014-05-16 Alexandre Derumierbypass PVEFW-VENET-IN|OUT for unfirewalled venet0 ips
2014-05-16 Dietmar Maurerdo not abort if security groups does not exists
2014-05-15 Dietmar Maurerfix security groups for VMs
2014-05-15 Dietmar Maurercorrectly emit group rules for host
2014-05-15 Dietmar Maurercorrectly use dest instead of source
2014-05-15 Dietmar Maurerallow GROUP rule without iface
2014-05-15 Alexandre Derumieronly add tap rules for interface with firewall=1
2014-05-14 Alexandre Derumierfix interface in rules for host-in and host-out
2014-05-14 Alexandre Derumiermove blacklist inside ruleset_chain_add_input_filters
2014-05-14 Alexandre Derumierremove optimize option
2014-05-14 Dietmar Maurerdelete trailing whitespace cleanup
2014-05-14 Alexandre Derumierallow multiple spaces in venet0 ip list
2014-05-14 Alexandre Derumierrename link+ to fwln+
2014-05-13 Alexandre Derumierbugfix : allow multiples venet0 ip in 1 container
2014-05-13 Alexandre Derumierinsert PVEFW-IPS after vm rules generation v2
2014-05-13 Dietmar Maurerallow to read config from test directory
2014-05-13 Dietmar Maureruse PVEFW-VENET-IN/OUT inside PVEFW-INPUT/OUTPUT chains
2014-05-13 Dietmar Maurermove nosmurfs, tcpflags and conntrack established outsi...
2014-05-13 Dietmar Maurerremove dead code
2014-05-13 Dietmar Maureradd PVEFW-VENET-IN && PVEFW-VENET-OUT chains
2014-05-13 Dietmar Maurerremove bridge chains
2014-05-13 Dietmar Maureruse hex digest to avoid url encoding problems
2014-05-13 Dietmar Maureravoid error about undefined array
2014-05-06 Dietmar Maurerremove allow_bridge_route setting
2014-04-24 Dietmar Maurerfirewall group API: change 'name' to 'group'
2014-04-23 Alexandre Derumieradd global ipset blacklist
2014-04-22 Dietmar Maurergenerate_ipset: skip undefined ipsets
2014-04-22 Dietmar Maurerrename save_rules to save_ipset
2014-04-22 Dietmar Maureralias API: implement rename
2014-04-22 Dietmar Maurerstart API for aliases
2014-04-22 Dietmar Maurercorrectly save aliases
2014-04-22 Dietmar Maurerruleset_generate_vm_rules: use 'warn' instead of 'die'
2014-04-22 Dietmar Maurerruleset_generate_vm_rule: avoid multiple calls to gener...
2014-04-22 Dietmar Maurergenerate_nfqueue: code cleanup
2014-04-22 Dietmar Maurerruleset_generate_rule: update all or nothing
2014-04-22 Alexandre Derumierupdate update_nf_conntrack_max && nf_conntrack_tcp_time...
2014-04-22 Dietmar Maurercode cleanup
2014-04-22 Alexandre Derumieriptables_get_chains : allow bridgevlan vmbrXvY
2014-04-22 Alexandre Derumieroptimize : accept from physical interfaces on bridges
2014-04-22 Alexandre Derumieradd aliases feature
2014-04-18 Dietmar Maureronly allow tcpflafgs and nosmurfs in host.fw
2014-04-18 Dietmar Maurerenable cluster wide rules
2014-04-18 Dietmar Maureradd remaining options to VM API
2014-04-18 Dietmar Maureradd options and log API for VMs
2014-04-17 Alexandre Derumierbugfix : ruleset_generate_cmdstr : use -d for destination
2014-04-15 Dietmar Maurercomplete options API for host.fw
2014-04-15 Dietmar Maureradd API for firewall log
2014-04-15 Dietmar Maurercorrectly initialize std chains
2014-04-15 Dietmar Maurerdo not set persistent state if firewall is disabled
2014-04-15 Dietmar Maurerdisable firewall by default
2014-04-15 Alexandre Derumierips : allow --queue-bypass only for kernel 3.10
2014-04-15 Dietmar Maurerstop firewall inside update if firewall is disabled...
2014-04-14 Dietmar Maurerimplement API for cluster.fw policy_in and policy_out...
2014-04-14 Dietmar Maurermove host policy setting to cluster.fw
2014-04-14 Dietmar Maurerremove option dhcp for host.fw
2014-04-14 Alexandre Derumieradd tunnable nf_conntrack_tcp_timeout_established value
2014-04-11 Dietmar Maurercopy_xxx_with_digest: do not copy undefined values
2014-04-11 Dietmar Maurerimprove concurrent update handling
2014-04-10 Dietmar Maurercorrectly encode section comments as utf8
2014-04-10 Dietmar Maurersupport comments on ipset sections
2014-04-10 Dietmar Maurerrules API: protect against concurrent updates
2014-04-10 Dietmar Maurersecurity group API: protect against concurrent updates
2014-04-10 Dietmar Maurerdefine standard option pve-config-digest
2014-04-09 Dietmar Maurersupport comments on group sections
2014-04-09 Dietmar Maurercorrectly save security group rules
2014-04-09 Dietmar Maurercomplete security group API
2014-04-09 Dietmar Maurerdefine standard option for security group names
2014-04-09 Dietmar Maurercorrectly verify ipset name
2014-04-09 Dietmar MaurerIPSet: implement rename API
2014-04-09 Dietmar Maureradd newline to error message
2014-04-08 Dietmar Maureripset: implement create/delete API
2014-04-08 Dietmar Maureripset API: add get/update methods
2014-04-08 Dietmar Maurerfix ipset ref test in parse_address_list
2014-04-07 Dietmar Maurerimprove ipset updates
2014-04-07 Dietmar Maureripset: implement delete API, improve parameter verification
2014-04-07 Dietmar Maurerstart API for IPSet
2014-04-07 Dietmar Maureripset: only save ip/network once
2014-04-07 Dietmar Maurercorrectly save ipset data
2014-04-07 Dietmar Maurerallow icmp port names
2014-04-07 Dietmar Maurerverify macro parameters when updating a rule using API
2014-04-04 Dietmar Maurerfix port parser
2014-04-04 Dietmar Maureradd macro descriptions (and API to read them)
2014-04-03 Dietmar Maurerimplement delete parameter for rule update API
2014-04-03 Dietmar Maurerrule type and action are required parameters
2014-04-03 Dietmar Maurersimplify check for iprange
2014-04-03 Dietmar Maurerparse_address_list: add check for ipset references.
2014-04-03 Dietmar Maurerparse_address_list: only allow one ip range
2014-04-03 Dietmar Maureripset: check kernel version
2014-04-03 Alexandre Derumierrename netgroup to ipset
2014-04-03 Alexandre Derumierprefix ipset chains with PVEFW-
2014-04-03 Alexandre Derumierimplemented ipset rules in iptables
2014-04-02 Dietmar Maurerreally save options
2014-04-02 Dietmar Maurerimplement rules API for <vmid>.fw
2014-04-02 Dietmar Maurerimplement rules API for host.fw
2014-04-02 Dietmar Maurerimplement generic rule API class
2014-04-01 Dietmar Maurerimplement option API for cluster.fw
2014-04-01 Dietmar Maurerstart cluster wide firewall API
2014-04-01 Dietmar Maurerdelete trailing white space from 'ipset save' output.
2014-04-01 Dietmar Maureravoid multiple calls to ipset_get_chains()