2020-05-02 Fabian Grünbichlerclone_vmfw_conf: lock new config
2020-05-02 Fabian Grünbichlerapi: lock configs
2020-05-02 Fabian Grünbichlerapi: add locking helpers
2020-05-02 Fabian Grünbichlerconfigs: add locking helpers
2020-05-02 Mira Limbeckfix #2686: don't add arp-ip-src filter for dhcp
2020-02-05 Christian Ebnerlogging: Add missing logmsg for inbound rules
2020-01-27 Thomas Lamprechtbump version to 4.0-10
2020-01-25 Christian Ebnermacros: add macro for Proxmox Mail Gateway web interface
2020-01-09 Thomas Lamprechtfwtester: sort and group module usage
2020-01-09 Thomas Lamprechtapi node: always pass cluster conf to node FW parser
2019-12-13 Thomas Lamprechtgrammar fix: s/does not exists/does not exist/g
2019-12-03 Thomas Lamprechtbump version to 4.0-9
2019-12-03 Christian Ebnerrules: allow connections on port range 60000:60050...
2019-11-18 Wolfgang Bumillerbump version to 4.0-8
2019-11-18 Alexandre Derumieradd synflood protection
2019-11-18 Alexandre Derumieriptables : add raw table support
2019-11-18 Fabian Grünbichlerd/control: add (build-)depends on libpve-cluster-perl
2019-10-22 Thomas Lamprechtfw schemas: add defaults and improve some descriptions
2019-10-22 Thomas Lamprechtincrease default nf_conntrack_max to kernel default
2019-08-27 Mira Limbeckfix use of uninitialized value
2019-08-07 Fabian Grünbichlerbump version to 4.0-7
2019-08-07 Mira Limbeckonly add VM chains if VM firewall is enabled
2019-08-07 Fabian Grünbichlerfix indentation/whitspace
2019-08-07 Fabian Grünbichlerskip tap rule generation if vmfw is disabled
2019-07-23 Thomas Lamprechtbump version to 4.0-6
2019-07-12 Christian Ebnerfirewall macros: add new Ceph protocol v2 port while...
2019-07-12 Thomas Lamprechtfollowup code cleanup
2019-07-12 Thomas Lamprechtbump version to 4.0-5
2019-07-12 Thomas Lamprechtremove base path of runcommand calls
2019-07-11 Thomas Lamprechtbump version to 4.0-4
2019-07-10 Thomas Lamprechtuse /usr/sbin as base path
2019-07-10 Fabian Grünbichlerebtables: treat chain deletion as change
2019-07-10 Fabian Grünbichlerebtables: remove PVE chains properly
2019-07-04 Thomas Lamprechtbump version to 4.0-3
2019-07-03 Fabian Grünbichlerlocalnet: skip local node for corosync information
2019-07-03 Fabian Grünbichlerlocalnet: simplify code
2019-07-03 Fabian Grünbichlerlocalnet: rename variables
2019-07-03 Stefan ReiterFormatting fixes (trailing whitespace and indentation)
2019-07-03 Stefan ReiterDisplay corosync rule info on localnet call
2019-07-03 Stefan ReiterCheck if corosync.conf exists before calling parser
2019-07-02 Fabian Grünbichleradd missing build-depends on libpve-access-control
2019-07-02 Fabian Grünbichleradd versioned (build-) dependency on pve-cluster
2019-07-02 Fabian Grünbichlercorosync: refactor if conditions
2019-07-02 Fabian Grünbichlercorosync: fix multicast detection
2019-07-02 Stefan ReiterOnly include multicast rules if transport is udp
2019-07-02 Stefan ReiterUpdate and add tests for corosync firewall changes
2019-07-02 Stefan ReiterCreate corosync firewall rules independently of localnet
2019-06-24 Thomas Lamprechtbump version to 4.0-2
2019-06-24 Thomas Lamprechtpve-firewall.service: update-alternative ip-/eb- tables...
2019-05-28 Thomas Lamprechtfix CT rule generation with ipfilter set
2019-05-25 Thomas Lamprechtfix systemd warning about PIDFile directory
2019-05-23 Thomas Lamprechtbuildsys: switch upload dist over to buster
2019-05-21 Thomas Lamprechtbump version to 4.0-1
2019-05-21 Thomas Lamprechtbump debian compat level to 10
2019-05-21 Thomas Lamprechtbuildsys: use dpkg-dev makefile helpers for pkg info
2019-05-21 Thomas Lamprechtd/control: fix build-depends-on-obsolete-package
2019-05-21 Thomas Lamprechtd/control: fix priority-extra-is-replaced-by-priority...
2019-05-16 Christian EbnerRemove redundant logging of packets passing the tap...
2019-05-08 Thomas Lamprechtbump version to 3.0-21
2019-05-07 Thomas Lamprechtfollowup: do not replace original variable content
2019-05-07 Thomas Lamprechtfollowup: code cleanup and comment
2019-05-07 Alexandre Derumierfix #2193: arpfilter: CT: remove mask from net ip cidr.
2019-04-30 Alexandre Derumierfix ipv6 PVEFW-reject
2019-04-19 Thomas Lamprechtbump version to 3.0-20
2019-04-19 Thomas Lamprechtfix reading host.fw through IPCC interface
2019-04-18 Mira Limbeckfix #2178: endless loop on ipv6 extension headers
2019-04-17 Thomas Lamprechtremove useless unused Data::Dumper uses
2019-04-17 Thomas Lamprechtfirewall: split and order modules
2019-04-17 Thomas Lamprechtuse IPCC to read FW files if the are backed by pmxcfs
2019-04-17 Thomas Lamprechtremove a level of indirection on FW config parsing
2019-04-17 Thomas Lamprechtmake verbose a global state
2019-04-02 Thomas Lamprechtbump version to 3.0-19
2019-04-02 Thomas Lamprechtbuildsys: no need to not pre-clean for source package
2019-04-01 Thomas Lamprechtbuildsys: correctly cleanup source tarball
2019-04-01 Thomas Lamprechtallow to enable/disable and modify cluster wide log...
2019-03-31 Thomas Lamprechtbuildsys: add dsc target
2019-03-31 Thomas Lamprechtcleanup makefiles, set target dirs per makefile
2019-03-30 Thomas Lamprechtfix Razor macro
2019-03-19 Mira Limbeckadd 'log_nf_conntrack' option description
2019-03-19 Thomas Lamprechtfollowup: minor code style fix
2019-03-19 Thomas Lamprechtfollowup: use default burst limit of 5
2019-03-19 Christian Ebnerfix: #2123 Logging of user defined firewall rules
2019-03-12 Alexandre Derumierebtables: test layer2_protocols in an external chain
2019-03-12 Alexandre Derumierebtables: add arp filtering
2019-03-04 Thomas Lamprechtbump version to 3.0-18
2019-02-22 Thomas Lamprechtd/control: bump version dependency to pve-doc-generator
2019-02-22 Christian Ebner1891 Add zsh command completion for pve-firewall
2019-02-20 Alexandre Derumierdaemon: cleanup '+' character at begin of line
2019-02-18 Alwin AntreichFix unitialized value $mark in bitwise operation
2019-02-05 Alexandre Derumierlog reject : add space after policy REJECT like drop
2019-02-04 Thomas Lamprechtfollowup: avoid long hash access, use own variable
2019-02-04 Christian EbnerFix #1606 Add nf_conntrack_allow_invalid option
2019-01-25 Wolfgang Bumillerbuildsys: build a dbgsym package
2019-01-09 Thomas Lamprechtbump version to 3.0-17
2019-01-09 David Limbecklog and ignore ENOBUFS in nfct_catch
2019-01-09 Wolfgang Bumillerfixup va_arg usage
2018-12-13 David Limbeckadd log_nf_conntrack host firewall option
2018-12-13 David Limbeckadd conntrack logging via libnetfilter_conntrack
2018-12-03 Dominik Csapakfix #2004: do not allow backwards ranges
2018-12-03 Dominik Csapakfix #2005: only allow ascii port digits