projects
/
pve-firewall.git
/ shortlog
commit
grep
author
committer
pickaxe
?
search:
re
summary
| shortlog |
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
pve-firewall.git
2014-03-21
Dietmar Maurer
code cleanup: use ruleset_generate_rule to generate...
commit
|
commitdiff
|
tree
2014-03-21
Dietmar Maurer
assume rule is enabled if {enable} is not defined
commit
|
commitdiff
|
tree
2014-03-21
Alexandre Derumier
dhcp out rule : use goto instead jump
commit
|
commitdiff
|
tree
2014-03-20
Dietmar Maurer
use enable instead of disable
commit
|
commitdiff
|
tree
2014-03-20
Dietmar Maurer
implement nosmurfs option for hiost firewall
commit
|
commitdiff
|
tree
2014-03-20
Dietmar Maurer
add tcpflags to host.fw example
commit
|
commitdiff
|
tree
2014-03-20
Dietmar Maurer
implement option tcpflags for host firewall
commit
|
commitdiff
|
tree
2014-03-20
Alexandre Derumier
generate_group_rules : fix check of security group
commit
|
commitdiff
|
tree
2014-03-19
Dietmar Maurer
fix dhcp rule
commit
|
commitdiff
|
tree
2014-03-19
Dietmar Maurer
allow to use utf8 encoded comments
commit
|
commitdiff
|
tree
2014-03-19
Dietmar Maurer
switch back to gnu99 std
commit
|
commitdiff
|
tree
2014-03-19
Dietmar Maurer
remove optimization which accepts unrelated traffic
commit
|
commitdiff
|
tree
2014-03-18
Dietmar Maurer
start VM firewall API
commit
|
commitdiff
|
tree
2014-03-18
Dietmar Maurer
start host API
commit
|
commitdiff
|
tree
2014-03-18
Dietmar Maurer
improve security group API
commit
|
commitdiff
|
tree
2014-03-18
Dietmar Maurer
start API
commit
|
commitdiff
|
tree
2014-03-18
Dietmar Maurer
new method load_security_groups()
commit
|
commitdiff
|
tree
2014-03-17
Dietmar Maurer
remove obsolete comment
commit
|
commitdiff
|
tree
2014-03-17
Dietmar Maurer
avoid dependency problems
commit
|
commitdiff
|
tree
2014-03-17
Dietmar Maurer
use signalfd instead of g_unix_signal_add
commit
|
commitdiff
|
tree
2014-03-17
Dietmar Maurer
add option parser and print usage information
commit
|
commitdiff
|
tree
2014-03-15
Dietmar Maurer
add compile time test for log struct size
commit
|
commitdiff
|
tree
2014-03-14
Dietmar Maurer
use gnu11 instead of gnu99 (newer)
commit
|
commitdiff
|
tree
2014-03-14
Dietmar Maurer
improve Makefile clean target
commit
|
commitdiff
|
tree
2014-03-14
Dietmar Maurer
add missing init.d file for pvefw-logger
commit
|
commitdiff
|
tree
2014-03-14
Dietmar Maurer
really stop daemon on write error
commit
|
commitdiff
|
tree
2014-03-14
Dietmar Maurer
additionally log status messages to syslog
commit
|
commitdiff
|
tree
2014-03-14
Dietmar Maurer
use phydev numbers if name lookup fails
commit
|
commitdiff
|
tree
2014-03-14
Dietmar Maurer
improve log format
commit
|
commitdiff
|
tree
2014-03-13
Dietmar Maurer
add simple nflog daemon
commit
|
commitdiff
|
tree
2014-03-12
Alexandre Derumier
fix 110.fw example
commit
|
commitdiff
|
tree
2014-03-10
Dietmar Maurer
add ifupdown helper to setup MASQUERADE on veth device
commit
|
commitdiff
|
tree
2014-03-10
Dietmar Maurer
avoid use of --physdev-is-bridged whenever possible
commit
|
commitdiff
|
tree
2014-03-10
Dietmar Maurer
use correct mac for veth containers
commit
|
commitdiff
|
tree
2014-03-10
Dietmar Maurer
add reminder that we should use ULOG
commit
|
commitdiff
|
tree
2014-03-10
Dietmar Maurer
add documentation for masqueraded setup
commit
|
commitdiff
|
tree
2014-03-07
Dietmar Maurer
do not use multiport for single port range
commit
|
commitdiff
|
tree
2014-03-06
Dietmar Maurer
ifupdown.sh: correctly use ifup instead of ifconfig
commit
|
commitdiff
|
tree
2014-03-06
Dietmar Maurer
ifupdown.sh: improve error handling
commit
|
commitdiff
|
tree
2014-03-06
Dietmar Maurer
add ifupdown helper to create veth devices plugged...
commit
|
commitdiff
|
tree
2014-03-06
Dietmar Maurer
update documentation
commit
|
commitdiff
|
tree
2014-03-06
Dietmar Maurer
implement allow_bridge_route feature
commit
|
commitdiff
|
tree
2014-03-06
Dietmar Maurer
use perl taint mode
commit
|
commitdiff
|
tree
2014-03-06
Dietmar Maurer
do not use perl -w
commit
|
commitdiff
|
tree
2014-03-06
Dietmar Maurer
use RETURN instead of ACCEPT to allow further processing
commit
|
commitdiff
|
tree
2014-03-06
Dietmar Maurer
only update nf_conntrack_max if firewall is started
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
plug venet0 chains into PVEFW-INPUT and PVEFW-OUTPUT
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
plug venet0 chains into PVEFW-FORWARD
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
add optimization as last step
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
use parse_address_list to validate IP list
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
generate chains for openvz venet
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
add veth chain to is_pvefw_chain()
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
start openvz support
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
use underscore instead of hyphen for fw options
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
add nf_conntrack_max to example config
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
implement nf_conntrack_max option
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
cleanup - avoid warning about undefined value
commit
|
commitdiff
|
tree
2014-03-05
Dietmar Maurer
cleanups - use better names
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
improve logging
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
correctly init PVEFW-FORWARD chain
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
add $bridge-OUT chain to PVEFW-INPUT
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
clear mark when entering tapXZY-OUT chain
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
correctly implement policy for host firewall
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
factor out code to produce policy rules
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
fix comment
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
remove unnecessary rule
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
s/enablehostfw/enable_host_firewall/
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
make sure syncookies are enabled
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
use PVE::ProcFSTools::write_proc_entry instead of syste...
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
cleanup ruleset_generate_rule()
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
improve clean target
commit
|
commitdiff
|
tree
2014-03-04
Dietmar Maurer
remove stale file
commit
|
commitdiff
|
tree
2014-03-03
Dietmar Maurer
merge IN/OUT section into RULES section
commit
|
commitdiff
|
tree
2014-03-03
Dietmar Maurer
assemble debian package
commit
|
commitdiff
|
tree
2014-02-28
Dietmar Maurer
implement log_level_in and log_level_out options
commit
|
commitdiff
|
tree
2014-02-28
Dietmar Maurer
implement log level options
commit
|
commitdiff
|
tree
2014-02-28
Dietmar Maurer
use a file to store firewall status persistently.
commit
|
commitdiff
|
tree
2014-02-28
Dietmar Maurer
ignoreZ source/destination port if no protocol specified
commit
|
commitdiff
|
tree
2014-02-27
Dietmar Maurer
use defined() to check fot undefined value
commit
|
commitdiff
|
tree
2014-02-27
Dietmar Maurer
improve multiport rule generator
commit
|
commitdiff
|
tree
2014-02-27
Dietmar Maurer
fix Ping macro
commit
|
commitdiff
|
tree
2014-02-27
Dietmar Maurer
improve example
commit
|
commitdiff
|
tree
2014-02-27
Dietmar Maurer
allow to disable single rules, and add ability to add...
commit
|
commitdiff
|
tree
2014-02-27
Dietmar Maurer
add 'dhcp' option (enabled by default)
commit
|
commitdiff
|
tree
2014-02-27
Dietmar Maurer
use PVEFW-reject instead of REJECT
commit
|
commitdiff
|
tree
2014-02-27
Dietmar Maurer
accept traffic to unmanaged bridge ports
commit
|
commitdiff
|
tree
2014-02-27
Dietmar Maurer
correctly apply macros
commit
|
commitdiff
|
tree
2014-02-26
Dietmar Maurer
implement nosmurfs options (enabled by default)
commit
|
commitdiff
|
tree
2014-02-26
Dietmar Maurer
implement option 'tcpflags' to log illegal combinations...
commit
|
commitdiff
|
tree
2014-02-26
Dietmar Maurer
make mac address filtering optional (default enabled)
commit
|
commitdiff
|
tree
2014-02-26
Dietmar Maurer
use chains from previous commit to reduce logging
commit
|
commitdiff
|
tree
2014-02-26
Dietmar Maurer
add some useful chains
commit
|
commitdiff
|
tree
2014-02-26
Dietmar Maurer
add a way to define some default chains
commit
|
commitdiff
|
tree
2014-02-26
Dietmar Maurer
fix multiport rules and add icmp type names
commit
|
commitdiff
|
tree
2014-02-26
Dietmar Maurer
cleanups
commit
|
commitdiff
|
tree
2014-02-26
Dietmar Maurer
always use PVEFW-SET-ACCEPT-MARK for OUT chain
commit
|
commitdiff
|
tree
2014-02-26
Alexandre Derumier
bridge rules : -j ACCEPT for physical interfaces
commit
|
commitdiff
|
tree
2014-02-25
Alexandre Derumier
use RETURN instead ACCEPT for tap-out rules
commit
|
commitdiff
|
tree
2014-02-25
Dietmar Maurer
implement VM policy option
commit
|
commitdiff
|
tree
2014-02-25
Dietmar Maurer
implement 'enable' option
commit
|
commitdiff
|
tree
next