2022-09-12 Thomas Lamprechtmacros: s/SPICE/SPICEproxy/ master
2022-09-12 Oguz Bektasfix #4018: add firewall macro for SPICE
2022-08-29 Thomas Lamprechtbump version to 4.2-6
2022-08-29 Fabian Grünbichlerfix #4175: ignore non-filter ebtables tables
2022-08-25 Mira Limbeckfix invalid vmfw config being interpreted as enabled
2022-08-25 Thomas Lamprechtdaemon: code cleanup/shortify
2022-08-25 Thomas Lamprechtwhitespace/indentation/line-length cleanup
2022-05-15 Thomas Lamprechtconfig defaults: macfilter defaults to on
2021-11-04 Thomas Lamprechtbump version to 4.2-5
2021-10-29 Thomas Lamprechtfix #3677: follow up: actually handle bucket size and...
2021-10-28 Mark Yardleyfix #3677 ipset_get_chains fixed to work with new ipset...
2021-10-12 Thomas Lamprechtbump version to 4.2-4
2021-09-10 Thomas Lamprechtbump version to 4.2-3
2021-08-06 Lorenz Stechaunerfix #2721: remove reject tcp 43 from default drop and...
2021-06-21 Thomas Lamprechtbump version to 4.2-2
2021-05-26 Stoiko Ivanovset sysctls on every apply
2021-05-24 Thomas Lamprechtbuildsys: change upload/repo dist to bullseye
2021-05-24 Thomas Lamprechtd/rules: cleanup systemd overrides
2021-05-12 Thomas Lamprechtbump version to 4.2-1
2021-05-12 Thomas Lamprechtdebian: run wrap-and-sort -abt
2021-05-12 Thomas Lamprechtinstall pvefw-logger.service in multi-user.target
2021-05-12 Thomas Lamprechtd/control: bump debhelper compat to >= 12
2021-05-12 Thomas Lamprechtfw logger: cosmetic fixes
2021-04-22 Aaron Lautererfix #967: source: dest: limit length
2021-02-22 Mira Limbeckfix #2358: allow --<opt> in firewall rule config files
2020-09-18 Thomas Lamprechtbump version to 4.1-3
2020-09-18 Thomas Lamprechtimprove log burst property description
2020-09-18 Thomas Lamprechtvarious typo fixes
2020-09-09 Mira Limbeckintroduce new icmp-type parameter
2020-07-01 Stoiko Ivanovfix #2773: ebtables: keep policy of custom chains
2020-05-06 Thomas Lamprechtbump version to 4.1-2
2020-05-06 Thomas LamprechtRevert "rules: verify referenced security group exists"
2020-05-04 Thomas Lamprechtbump version to 4.1-1
2020-05-04 Thomas Lamprechtadd dport: factor out ICMP-type validity checking
2020-05-04 Thomas Lamprechticmp: allow to specify the echo-reply (0) type as integer
2020-05-04 Thomas Lamprechtfix typo: s/ICPM/ICMP/
2020-05-04 Thomas Lamprechttest/simulator: add very basic ICMP type functionallity
2020-05-04 Thomas Lamprechtfwtester: reduce extra empty lines a bit
2020-05-04 Thomas Lamprechttest/README: whitespace fixes and slight rewording
2020-05-04 Mira Limbeckfix wrong icmpv6 types
2020-05-04 Mira Limbeckfix iptables-restore failing if icmp-type value > 255
2020-05-02 Thomas Lamprechtd/control: bump pve-cluster dependency for new lock...
2020-05-02 Fabian Grünbichlerrules: verify referenced security group exists
2020-05-02 Fabian Grünbichlerconfigs: warn about duplicate ipset entries
2020-05-02 Fabian Grünbichlerapi/ipsets: parse_cidr before checking for duplicates
2020-05-02 Fabian Grünbichlerclone_vmfw_conf: lock new config
2020-05-02 Fabian Grünbichlerapi: lock configs
2020-05-02 Fabian Grünbichlerapi: add locking helpers
2020-05-02 Fabian Grünbichlerconfigs: add locking helpers
2020-05-02 Mira Limbeckfix #2686: don't add arp-ip-src filter for dhcp
2020-02-05 Christian Ebnerlogging: Add missing logmsg for inbound rules
2020-01-27 Thomas Lamprechtbump version to 4.0-10
2020-01-25 Christian Ebnermacros: add macro for Proxmox Mail Gateway web interface
2020-01-09 Thomas Lamprechtfwtester: sort and group module usage
2020-01-09 Thomas Lamprechtapi node: always pass cluster conf to node FW parser
2019-12-13 Thomas Lamprechtgrammar fix: s/does not exists/does not exist/g
2019-12-03 Thomas Lamprechtbump version to 4.0-9
2019-12-03 Christian Ebnerrules: allow connections on port range 60000:60050...
2019-11-18 Wolfgang Bumillerbump version to 4.0-8
2019-11-18 Alexandre Derumieradd synflood protection
2019-11-18 Alexandre Derumieriptables : add raw table support
2019-11-18 Fabian Grünbichlerd/control: add (build-)depends on libpve-cluster-perl
2019-10-22 Thomas Lamprechtfw schemas: add defaults and improve some descriptions
2019-10-22 Thomas Lamprechtincrease default nf_conntrack_max to kernel default
2019-08-27 Mira Limbeckfix use of uninitialized value
2019-08-07 Fabian Grünbichlerbump version to 4.0-7
2019-08-07 Mira Limbeckonly add VM chains if VM firewall is enabled
2019-08-07 Fabian Grünbichlerfix indentation/whitspace
2019-08-07 Fabian Grünbichlerskip tap rule generation if vmfw is disabled
2019-07-23 Thomas Lamprechtbump version to 4.0-6
2019-07-12 Christian Ebnerfirewall macros: add new Ceph protocol v2 port while...
2019-07-12 Thomas Lamprechtfollowup code cleanup
2019-07-12 Thomas Lamprechtbump version to 4.0-5
2019-07-12 Thomas Lamprechtremove base path of runcommand calls
2019-07-11 Thomas Lamprechtbump version to 4.0-4
2019-07-10 Thomas Lamprechtuse /usr/sbin as base path
2019-07-10 Fabian Grünbichlerebtables: treat chain deletion as change
2019-07-10 Fabian Grünbichlerebtables: remove PVE chains properly
2019-07-04 Thomas Lamprechtbump version to 4.0-3
2019-07-03 Fabian Grünbichlerlocalnet: skip local node for corosync information
2019-07-03 Fabian Grünbichlerlocalnet: simplify code
2019-07-03 Fabian Grünbichlerlocalnet: rename variables
2019-07-03 Stefan ReiterFormatting fixes (trailing whitespace and indentation)
2019-07-03 Stefan ReiterDisplay corosync rule info on localnet call
2019-07-03 Stefan ReiterCheck if corosync.conf exists before calling parser
2019-07-02 Fabian Grünbichleradd missing build-depends on libpve-access-control
2019-07-02 Fabian Grünbichleradd versioned (build-) dependency on pve-cluster
2019-07-02 Fabian Grünbichlercorosync: refactor if conditions
2019-07-02 Fabian Grünbichlercorosync: fix multicast detection
2019-07-02 Stefan ReiterOnly include multicast rules if transport is udp
2019-07-02 Stefan ReiterUpdate and add tests for corosync firewall changes
2019-07-02 Stefan ReiterCreate corosync firewall rules independently of localnet
2019-06-24 Thomas Lamprechtbump version to 4.0-2
2019-06-24 Thomas Lamprechtpve-firewall.service: update-alternative ip-/eb- tables...
2019-05-28 Thomas Lamprechtfix CT rule generation with ipfilter set
2019-05-25 Thomas Lamprechtfix systemd warning about PIDFile directory
2019-05-23 Thomas Lamprechtbuildsys: switch upload dist over to buster
2019-05-21 Thomas Lamprechtbump version to 4.0-1
2019-05-21 Thomas Lamprechtbump debian compat level to 10
2019-05-21 Thomas Lamprechtbuildsys: use dpkg-dev makefile helpers for pkg info