projects
/
pve-firewall.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
implement VM ipsets, allow long ipset names
2014-05-28
Dietmar Maurer
implement VM ipsets, allow long ipset names
commit
|
commitdiff
|
tree
2014-05-28
Dietmar Maurer
always pass cluster_conf to load_vmfw_conf
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
implement ipsets for VM/CT
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
do not print trace when debug is not set
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
white space cleanup
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
implement aliases at VM level
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
add test for aliases inside vm firewall configuration
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
fwtester.pl: add warnings to trace
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
fix comment
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
skip diabled rules and rules with errors early
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
ruleset_generate_vm_rules: skip rules with errors
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
improve rule verification
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
pass $rule_env (cluster/host/vm/ct) to rule parser.
commit
|
commitdiff
|
tree
2014-05-23
Dietmar Maurer
improve error handling
commit
|
commitdiff
|
tree
2014-05-23
Dietmar Maurer
allow to read rule with errors
commit
|
commitdiff
|
tree
2014-05-22
Dietmar Maurer
close inotify handle before restart
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
improve rules API
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
fix API: property sport/dport requires protocol
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
fix test/test-errors3 - protect rule generation with...
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add new test case to show serious bug
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
allow igmp traffic
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add another test case
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
fix for test case test/test-errors1
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add test case to show serious bug
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
use GET instead of POST for command that do not change...
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add new localnet command
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
rename cluster_network to local_network, introduce...
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add tests for management ipset
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
Introduce new management ipset
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
do not use ctstate in corosync rule
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
start alias support for VMs
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
improve documentation
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
do not log simulate warnings to syslog
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add simulate command for easy testing
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
move test code to FirewallSimulator.pm
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add tests for corosync multicast addrtype rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
do not enable VM firewall by default
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add tests for default rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
fwtester: set cluster network to 172.16.1.0/24, host_ip...
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
allow tests without cluster.fw and host.fw configuration
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
also allow VNC and SPICE traffic inside cluster_network
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
do not use -s for outgoing corosync rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
implement setter for cluster_network
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
fix regression test for previous commits
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
use $accept_action for standard rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add standard rules after user rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
fix corosync rules (restrict to cluster network)
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
remove wrong corosync rules using port 9000
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
allow API/SSH/SPICE/VNC traffic on local cluster network...
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
remove unused options
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
add init function
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
do not restart pvefw-logger with debian triggers
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
avoid logs by default
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
remove unused parameters
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
change rule format: use named parameters
commit
|
commitdiff
|
tree
2014-05-16
Dietmar Maurer
include manual page
commit
|
commitdiff
|
tree
2014-05-16
Dietmar Maurer
cleanup firewall service implementation
commit
|
commitdiff
|
tree
2014-05-16
Dietmar Maurer
do not abort if security groups does not exists
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add ipset regression tests
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: implement ipset testing
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fix blacklist example
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add tests for unconfigured firewall (empty files)
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add group tests for container
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fix security groups for VMs
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add security group tests
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: add ability to run tests on several zones
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
correctly emit group rules for host
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: improve rule_match
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
correctly use dest instead of source
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
allow GROUP rule without iface
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: set firewall=1 for test VM interfaces
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: simplify code with ne bport zone
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
improve error messages
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: add new zone 'nfwm' to simulate a non-firewalled VM
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: do not count ENTER/LEAVE
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
add README for fwtester.pl
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
add tests for host interface match
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: support dev regex with -i and -o
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: fix emulation - correctly set phydev_in
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: add counters for debugging
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: do not set packet default values
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: implement some useful command line option
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: implement new 'outside' zone
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: improve kernel simulation
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
delete trailing whitespace cleanup
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
add Makefile targets for regression tests
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
add regression test infrastructure
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
allow to read config from test directory
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
use PVEFW-VENET-IN/OUT inside PVEFW-INPUT/OUTPUT chains
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
move nosmurfs, tcpflags and conntrack established outside...
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
remove dead code
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
add PVEFW-VENET-IN && PVEFW-VENET-OUT chains
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
remove bridge chains
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
use hex digest to avoid url encoding problems
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
avoid error about undefined array
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-06
Dietmar Maurer
set RELEASE to 3.2
commit
|
commitdiff
|
tree
2014-05-06
Dietmar Maurer
remove allow_bridge_route setting
commit
|
commitdiff
|
tree
2014-04-24
Dietmar Maurer
firewall group API: change 'name' to 'group'
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
generate_ipset: skip undefined ipsets
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
rename save_rules to save_ipset
commit
|
commitdiff
|
tree
next