projects
/
pve-firewall.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
add support for ipfilter ipset
2014-06-11
Dietmar Maurer
add support for ipfilter ipset
commit
|
commitdiff
|
tree
2014-06-04
Dietmar Maurer
generate /etc/pve/firewall directory automatically
commit
|
commitdiff
|
tree
2014-06-04
Dietmar Maurer
avoid errors about undefined values
commit
|
commitdiff
|
tree
2014-06-04
Dietmar Maurer
bump version to 1.0-5
commit
|
commitdiff
|
tree
2014-06-04
Dietmar Maurer
remove ipsets when firewall disabled
commit
|
commitdiff
|
tree
2014-06-04
Dietmar Maurer
return empty ruleset if firewall disabled in cluster.fw
commit
|
commitdiff
|
tree
2014-06-04
Dietmar Maurer
bump version to 1.0-4
commit
|
commitdiff
|
tree
2014-06-04
Dietmar Maurer
depend on iptables and ipset
commit
|
commitdiff
|
tree
2014-06-04
Dietmar Maurer
change dh_installinit order
commit
|
commitdiff
|
tree
2014-06-02
Dietmar Maurer
improve error message
commit
|
commitdiff
|
tree
2014-06-02
Dietmar Maurer
generate warnings when we read the configuration file
commit
|
commitdiff
|
tree
2014-05-30
Dietmar Maurer
pass ipset errors to GUI
commit
|
commitdiff
|
tree
2014-05-30
Dietmar Maurer
skip non-existent aliases inside ipset configuration
commit
|
commitdiff
|
tree
2014-05-30
Dietmar Maurer
remove dead code from previous commit
commit
|
commitdiff
|
tree
2014-05-30
Dietmar Maurer
code cleanup - introcduce new method resolve_alias
commit
|
commitdiff
|
tree
2014-05-30
Dietmar Maurer
another regression test
commit
|
commitdiff
|
tree
2014-05-30
Dietmar Maurer
cleanup: try to use more consistent method naming
commit
|
commitdiff
|
tree
2014-05-30
Dietmar Maurer
API: add ability to restrict ref list to specified...
commit
|
commitdiff
|
tree
2014-05-30
Dietmar Maurer
API fix: allow aliases in IPSets
commit
|
commitdiff
|
tree
2014-05-30
Dietmar Maurer
parser: verify group and ipset names
commit
|
commitdiff
|
tree
2014-05-28
Dietmar Maurer
implement API to get list of possible refs (aliases...
commit
|
commitdiff
|
tree
2014-05-28
Dietmar Maurer
introduce ipset_name_pattern to avoid confusion
commit
|
commitdiff
|
tree
2014-05-28
Dietmar Maurer
limit alias/ipset name length to 64 characters
commit
|
commitdiff
|
tree
2014-05-28
Dietmar Maurer
add test for long ipset names
commit
|
commitdiff
|
tree
2014-05-28
Dietmar Maurer
fix ipset match - s/src/dst/
commit
|
commitdiff
|
tree
2014-05-28
Dietmar Maurer
implement VM ipsets, allow long ipset names
commit
|
commitdiff
|
tree
2014-05-28
Dietmar Maurer
always pass cluster_conf to load_vmfw_conf
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
implement ipsets for VM/CT
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
do not print trace when debug is not set
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
white space cleanup
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
implement aliases at VM level
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
add test for aliases inside vm firewall configuration
commit
|
commitdiff
|
tree
2014-05-27
Dietmar Maurer
fwtester.pl: add warnings to trace
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
fix comment
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
skip diabled rules and rules with errors early
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
ruleset_generate_vm_rules: skip rules with errors
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
improve rule verification
commit
|
commitdiff
|
tree
2014-05-26
Dietmar Maurer
pass $rule_env (cluster/host/vm/ct) to rule parser.
commit
|
commitdiff
|
tree
2014-05-23
Dietmar Maurer
improve error handling
commit
|
commitdiff
|
tree
2014-05-23
Dietmar Maurer
allow to read rule with errors
commit
|
commitdiff
|
tree
2014-05-22
Dietmar Maurer
close inotify handle before restart
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
improve rules API
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
fix API: property sport/dport requires protocol
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
fix test/test-errors3 - protect rule generation with...
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add new test case to show serious bug
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
allow igmp traffic
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add another test case
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
fix for test case test/test-errors1
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add test case to show serious bug
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
use GET instead of POST for command that do not change...
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add new localnet command
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
rename cluster_network to local_network, introduce...
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add tests for management ipset
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
Introduce new management ipset
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
do not use ctstate in corosync rule
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
start alias support for VMs
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
improve documentation
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
do not log simulate warnings to syslog
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add simulate command for easy testing
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
move test code to FirewallSimulator.pm
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add tests for corosync multicast addrtype rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
do not enable VM firewall by default
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add tests for default rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
fwtester: set cluster network to 172.16.1.0/24, host_ip...
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
allow tests without cluster.fw and host.fw configuration
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
also allow VNC and SPICE traffic inside cluster_network
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
do not use -s for outgoing corosync rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
implement setter for cluster_network
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
fix regression test for previous commits
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
use $accept_action for standard rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add standard rules after user rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
fix corosync rules (restrict to cluster network)
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
remove wrong corosync rules using port 9000
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
allow API/SSH/SPICE/VNC traffic on local cluster network...
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
remove unused options
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
add init function
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
do not restart pvefw-logger with debian triggers
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
avoid logs by default
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
remove unused parameters
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
change rule format: use named parameters
commit
|
commitdiff
|
tree
2014-05-16
Dietmar Maurer
include manual page
commit
|
commitdiff
|
tree
2014-05-16
Dietmar Maurer
cleanup firewall service implementation
commit
|
commitdiff
|
tree
2014-05-16
Dietmar Maurer
do not abort if security groups does not exists
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add ipset regression tests
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: implement ipset testing
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fix blacklist example
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add tests for unconfigured firewall (empty files)
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add group tests for container
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fix security groups for VMs
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add security group tests
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: add ability to run tests on several zones
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
correctly emit group rules for host
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: improve rule_match
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
correctly use dest instead of source
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
allow GROUP rule without iface
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: set firewall=1 for test VM interfaces
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: simplify code with ne bport zone
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
improve error messages
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: add new zone 'nfwm' to simulate a non-firewalled VM
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: do not count ENTER/LEAVE
commit
|
commitdiff
|
tree
next