projects
/
pve-firewall.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
add new localnet command
2014-05-21
Dietmar Maurer
add new localnet command
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
rename cluster_network to local_network, introduce...
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
add tests for management ipset
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
Introduce new management ipset
commit
|
commitdiff
|
tree
2014-05-21
Dietmar Maurer
do not use ctstate in corosync rule
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
start alias support for VMs
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
improve documentation
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
do not log simulate warnings to syslog
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add simulate command for easy testing
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
move test code to FirewallSimulator.pm
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add tests for corosync multicast addrtype rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
do not enable VM firewall by default
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add tests for default rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
fwtester: set cluster network to 172.16.1.0/24, host_ip...
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
allow tests without cluster.fw and host.fw configuration
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
also allow VNC and SPICE traffic inside cluster_network
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
do not use -s for outgoing corosync rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
implement setter for cluster_network
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
fix regression test for previous commits
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
use $accept_action for standard rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
add standard rules after user rules
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
fix corosync rules (restrict to cluster network)
commit
|
commitdiff
|
tree
2014-05-20
Dietmar Maurer
remove wrong corosync rules using port 9000
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
allow API/SSH/SPICE/VNC traffic on local cluster network...
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
remove unused options
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
add init function
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
do not restart pvefw-logger with debian triggers
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
avoid logs by default
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
remove unused parameters
commit
|
commitdiff
|
tree
2014-05-19
Dietmar Maurer
change rule format: use named parameters
commit
|
commitdiff
|
tree
2014-05-16
Dietmar Maurer
include manual page
commit
|
commitdiff
|
tree
2014-05-16
Dietmar Maurer
cleanup firewall service implementation
commit
|
commitdiff
|
tree
2014-05-16
Dietmar Maurer
do not abort if security groups does not exists
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add ipset regression tests
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: implement ipset testing
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fix blacklist example
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add tests for unconfigured firewall (empty files)
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add group tests for container
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fix security groups for VMs
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
add security group tests
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: add ability to run tests on several zones
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
correctly emit group rules for host
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: improve rule_match
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
correctly use dest instead of source
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
allow GROUP rule without iface
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: set firewall=1 for test VM interfaces
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
fwtester: simplify code with ne bport zone
commit
|
commitdiff
|
tree
2014-05-15
Dietmar Maurer
improve error messages
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: add new zone 'nfwm' to simulate a non-firewalled VM
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: do not count ENTER/LEAVE
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
add README for fwtester.pl
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
add tests for host interface match
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: support dev regex with -i and -o
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: fix emulation - correctly set phydev_in
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: add counters for debugging
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: do not set packet default values
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: implement some useful command line option
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: implement new 'outside' zone
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
fwtester: improve kernel simulation
commit
|
commitdiff
|
tree
2014-05-14
Dietmar Maurer
delete trailing whitespace cleanup
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
add Makefile targets for regression tests
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
add regression test infrastructure
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
allow to read config from test directory
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
use PVEFW-VENET-IN/OUT inside PVEFW-INPUT/OUTPUT chains
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
move nosmurfs, tcpflags and conntrack established outside...
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
remove dead code
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
add PVEFW-VENET-IN && PVEFW-VENET-OUT chains
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
remove bridge chains
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
use hex digest to avoid url encoding problems
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-13
Dietmar Maurer
avoid error about undefined array
Signed-off-by: Dietmar Maurer <
dietmar@proxmox.com
>
commit
|
commitdiff
|
tree
2014-05-06
Dietmar Maurer
set RELEASE to 3.2
commit
|
commitdiff
|
tree
2014-05-06
Dietmar Maurer
remove allow_bridge_route setting
commit
|
commitdiff
|
tree
2014-04-24
Dietmar Maurer
firewall group API: change 'name' to 'group'
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
generate_ipset: skip undefined ipsets
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
rename save_rules to save_ipset
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
alias API: implement rename
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
start API for aliases
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
correctly save aliases
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
ruleset_generate_vm_rules: use 'warn' instead of 'die'
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
ruleset_generate_vm_rule: avoid multiple calls to generate_n...
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
generate_nfqueue: code cleanup
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
ruleset_generate_rule: update all or nothing
commit
|
commitdiff
|
tree
2014-04-22
Dietmar Maurer
code cleanup
commit
|
commitdiff
|
tree
2014-04-18
Dietmar Maurer
add README and example to debian package
commit
|
commitdiff
|
tree
2014-04-18
Dietmar Maurer
fix README
commit
|
commitdiff
|
tree
2014-04-18
Dietmar Maurer
only allow tcpflafgs and nosmurfs in host.fw
commit
|
commitdiff
|
tree
2014-04-18
Dietmar Maurer
enable cluster wide rules
commit
|
commitdiff
|
tree
2014-04-18
Dietmar Maurer
add remaining options to VM API
commit
|
commitdiff
|
tree
2014-04-18
Dietmar Maurer
add options and log API for VMs
commit
|
commitdiff
|
tree
2014-04-15
Dietmar Maurer
complete options API for host.fw
commit
|
commitdiff
|
tree
2014-04-15
Dietmar Maurer
add API for firewall log
commit
|
commitdiff
|
tree
2014-04-15
Dietmar Maurer
correctly initialize std chains
commit
|
commitdiff
|
tree
2014-04-15
Dietmar Maurer
do not set persistent state if firewall is disabled
commit
|
commitdiff
|
tree
2014-04-15
Dietmar Maurer
disable firewall by default
commit
|
commitdiff
|
tree
2014-04-15
Dietmar Maurer
add init script to start firewall
commit
|
commitdiff
|
tree
2014-04-15
Dietmar Maurer
stop firewall inside update if firewall is disabled...
commit
|
commitdiff
|
tree
2014-04-14
Dietmar Maurer
implement API for cluster.fw policy_in and policy_out...
commit
|
commitdiff
|
tree
2014-04-14
Dietmar Maurer
move host policy setting to cluster.fw
commit
|
commitdiff
|
tree
2014-04-14
Dietmar Maurer
remove option dhcp for host.fw
commit
|
commitdiff
|
tree
2014-04-11
Dietmar Maurer
copy_xxx_with_digest: do not copy undefined values
commit
|
commitdiff
|
tree
next