2014-05-16 Dietmar Maurerinclude manual page
2014-05-16 Dietmar Maurercleanup firewall service implementation
2014-05-16 Alexandre Derumierbypass PVEFW-VENET-IN|OUT for unfirewalled venet0 ips
2014-05-16 Dietmar Maurerdo not abort if security groups does not exists
2014-05-15 Dietmar Maureradd ipset regression tests
2014-05-15 Dietmar Maurerfwtester: implement ipset testing
2014-05-15 Dietmar Maurerfix blacklist example
2014-05-15 Dietmar Maureradd tests for unconfigured firewall (empty files)
2014-05-15 Dietmar Maureradd group tests for container
2014-05-15 Dietmar Maurerfix security groups for VMs
2014-05-15 Dietmar Maureradd security group tests
2014-05-15 Dietmar Maurerfwtester: add ability to run tests on several zones
2014-05-15 Dietmar Maurercorrectly emit group rules for host
2014-05-15 Dietmar Maurerfwtester: improve rule_match
2014-05-15 Dietmar Maurercorrectly use dest instead of source
2014-05-15 Dietmar Maurerallow GROUP rule without iface
2014-05-15 Dietmar Maurerfwtester: set firewall=1 for test VM interfaces
2014-05-15 Alexandre Derumieronly add tap rules for interface with firewall=1
2014-05-15 Dietmar Maurerfwtester: simplify code with ne bport zone
2014-05-15 Dietmar Maurerimprove error messages
2014-05-14 Dietmar Maurerfwtester: add new zone 'nfwm' to simulate a non-firewal...
2014-05-14 Dietmar Maurerfwtester: do not count ENTER/LEAVE
2014-05-14 Dietmar Maureradd README for fwtester.pl
2014-05-14 Alexandre Derumierfix interface in rules for host-in and host-out
2014-05-14 Dietmar Maureradd tests for host interface match
2014-05-14 Dietmar Maurerfwtester: support dev regex with -i and -o
2014-05-14 Dietmar Maurerfwtester: fix emulation - correctly set phydev_in
2014-05-14 Dietmar Maurerfwtester: add counters for debugging
2014-05-14 Dietmar Maurerfwtester: do not set packet default values
2014-05-14 Alexandre Derumiermove blacklist inside ruleset_chain_add_input_filters
2014-05-14 Alexandre Derumierremove optimize option
2014-05-14 Dietmar Maurerfwtester: implement some useful command line option
2014-05-14 Dietmar Maurerfwtester: implement new 'outside' zone
2014-05-14 Dietmar Maurerfwtester: improve kernel simulation
2014-05-14 Dietmar Maurerdelete trailing whitespace cleanup
2014-05-14 Alexandre Derumierallow multiple spaces in venet0 ip list
2014-05-14 Alexandre Derumierrename link+ to fwln+
2014-05-13 Alexandre Derumierbugfix : allow multiples venet0 ip in 1 container
2014-05-13 Alexandre Derumierinsert PVEFW-IPS after vm rules generation v2
2014-05-13 Dietmar Maureradd Makefile targets for regression tests
2014-05-13 Dietmar Maureradd regression test infrastructure
2014-05-13 Dietmar Maurerallow to read config from test directory
2014-05-13 Dietmar Maureruse PVEFW-VENET-IN/OUT inside PVEFW-INPUT/OUTPUT chains
2014-05-13 Dietmar Maurermove nosmurfs, tcpflags and conntrack established outsi...
2014-05-13 Dietmar Maurerremove dead code
2014-05-13 Dietmar Maureradd PVEFW-VENET-IN && PVEFW-VENET-OUT chains
2014-05-13 Dietmar Maurerremove bridge chains
2014-05-13 Dietmar Maureruse hex digest to avoid url encoding problems
2014-05-13 Dietmar Maureravoid error about undefined array
2014-05-06 Dietmar Maurerset RELEASE to 3.2
2014-05-06 Dietmar Maurerremove allow_bridge_route setting
2014-04-24 Dietmar Maurerfirewall group API: change 'name' to 'group'
2014-04-23 Alexandre Derumieradd global ipset blacklist
2014-04-22 Dietmar Maurergenerate_ipset: skip undefined ipsets
2014-04-22 Dietmar Maurerrename save_rules to save_ipset
2014-04-22 Dietmar Maureralias API: implement rename
2014-04-22 Dietmar Maurerstart API for aliases
2014-04-22 Dietmar Maurercorrectly save aliases
2014-04-22 Dietmar Maurerruleset_generate_vm_rules: use 'warn' instead of 'die'
2014-04-22 Dietmar Maurerruleset_generate_vm_rule: avoid multiple calls to gener...
2014-04-22 Dietmar Maurergenerate_nfqueue: code cleanup
2014-04-22 Dietmar Maurerruleset_generate_rule: update all or nothing
2014-04-22 Alexandre Derumierupdate update_nf_conntrack_max && nf_conntrack_tcp_time...
2014-04-22 Dietmar Maurercode cleanup
2014-04-22 Alexandre Derumieriptables_get_chains : allow bridgevlan vmbrXvY
2014-04-22 Alexandre Derumieroptimize : accept from physical interfaces on bridges
2014-04-22 Alexandre Derumieradd aliases feature
2014-04-18 Dietmar Maureradd README and example to debian package
2014-04-18 Dietmar Maurerfix README
2014-04-18 Dietmar Maureronly allow tcpflafgs and nosmurfs in host.fw
2014-04-18 Dietmar Maurerenable cluster wide rules
2014-04-18 Dietmar Maureradd remaining options to VM API
2014-04-18 Dietmar Maureradd options and log API for VMs
2014-04-17 Alexandre Derumierbugfix : ruleset_generate_cmdstr : use -d for destination
2014-04-15 Dietmar Maurercomplete options API for host.fw
2014-04-15 Dietmar Maureradd API for firewall log
2014-04-15 Dietmar Maurercorrectly initialize std chains
2014-04-15 Dietmar Maurerdo not set persistent state if firewall is disabled
2014-04-15 Dietmar Maurerdisable firewall by default
2014-04-15 Dietmar Maureradd init script to start firewall
2014-04-15 Alexandre Derumierips : allow --queue-bypass only for kernel 3.10
2014-04-15 Dietmar Maurerstop firewall inside update if firewall is disabled...
2014-04-14 Dietmar Maurerimplement API for cluster.fw policy_in and policy_out...
2014-04-14 Dietmar Maurermove host policy setting to cluster.fw
2014-04-14 Dietmar Maurerremove option dhcp for host.fw
2014-04-14 Alexandre Derumieradd tunnable nf_conntrack_tcp_timeout_established value
2014-04-11 Dietmar Maurercopy_xxx_with_digest: do not copy undefined values
2014-04-11 Dietmar Maurerimprove concurrent update handling
2014-04-10 Dietmar Maurercorrectly encode section comments as utf8
2014-04-10 Dietmar Maurersupport comments on ipset sections
2014-04-10 Dietmar Maurerrules API: protect against concurrent updates
2014-04-10 Dietmar Maurersecurity group API: protect against concurrent updates
2014-04-10 Dietmar Maurerdefine standard option pve-config-digest
2014-04-09 Dietmar Maurersupport comments on group sections
2014-04-09 Dietmar Maurercorrectly save security group rules
2014-04-09 Dietmar Maurercomplete security group API
2014-04-09 Dietmar Maurerdefine standard option for security group names
2014-04-09 Dietmar Maurercorrectly verify ipset name
2014-04-09 Dietmar MaurerIPSet: implement rename API
2014-04-09 Dietmar Maureradd newline to error message