2014-03-25 Alexandre Derumieradd ips feature v7
2014-03-21 Dietmar Maurercode cleanup: use ruleset_generate_rule to generate...
2014-03-21 Dietmar Maurerassume rule is enabled if {enable} is not defined
2014-03-21 Alexandre Derumierdhcp out rule : use goto instead jump
2014-03-20 Dietmar Maureruse enable instead of disable
2014-03-20 Dietmar Maurerimplement nosmurfs option for hiost firewall
2014-03-20 Dietmar Maureradd tcpflags to host.fw example
2014-03-20 Dietmar Maurerimplement option tcpflags for host firewall
2014-03-20 Alexandre Derumiergenerate_group_rules : fix check of security group
2014-03-19 Dietmar Maurerfix dhcp rule
2014-03-19 Dietmar Maurerallow to use utf8 encoded comments
2014-03-19 Dietmar Maurerswitch back to gnu99 std
2014-03-19 Dietmar Maurerremove optimization which accepts unrelated traffic
2014-03-18 Dietmar Maurerstart VM firewall API
2014-03-18 Dietmar Maurerstart host API
2014-03-18 Dietmar Maurerimprove security group API
2014-03-18 Dietmar Maurerstart API
2014-03-18 Dietmar Maurernew method load_security_groups()
2014-03-17 Dietmar Maurerremove obsolete comment
2014-03-17 Dietmar Maureravoid dependency problems
2014-03-17 Dietmar Maureruse signalfd instead of g_unix_signal_add
2014-03-17 Dietmar Maureradd option parser and print usage information
2014-03-15 Dietmar Maureradd compile time test for log struct size
2014-03-14 Dietmar Maureruse gnu11 instead of gnu99 (newer)
2014-03-14 Dietmar Maurerimprove Makefile clean target
2014-03-14 Dietmar Maureradd missing init.d file for pvefw-logger
2014-03-14 Dietmar Maurerreally stop daemon on write error
2014-03-14 Dietmar Maureradditionally log status messages to syslog
2014-03-14 Dietmar Maureruse phydev numbers if name lookup fails
2014-03-14 Dietmar Maurerimprove log format
2014-03-13 Dietmar Maureradd simple nflog daemon
2014-03-12 Alexandre Derumierfix 110.fw example
2014-03-10 Dietmar Maureradd ifupdown helper to setup MASQUERADE on veth device
2014-03-10 Dietmar Maureravoid use of --physdev-is-bridged whenever possible
2014-03-10 Dietmar Maureruse correct mac for veth containers
2014-03-10 Dietmar Maureradd reminder that we should use ULOG
2014-03-10 Dietmar Maureradd documentation for masqueraded setup
2014-03-07 Dietmar Maurerdo not use multiport for single port range
2014-03-06 Dietmar Maurerifupdown.sh: correctly use ifup instead of ifconfig
2014-03-06 Dietmar Maurerifupdown.sh: improve error handling
2014-03-06 Dietmar Maureradd ifupdown helper to create veth devices plugged...
2014-03-06 Dietmar Maurerupdate documentation
2014-03-06 Dietmar Maurerimplement allow_bridge_route feature
2014-03-06 Dietmar Maureruse perl taint mode
2014-03-06 Dietmar Maurerdo not use perl -w
2014-03-06 Dietmar Maureruse RETURN instead of ACCEPT to allow further processing
2014-03-06 Dietmar Maureronly update nf_conntrack_max if firewall is started
2014-03-05 Dietmar Maurerplug venet0 chains into PVEFW-INPUT and PVEFW-OUTPUT
2014-03-05 Dietmar Maurerplug venet0 chains into PVEFW-FORWARD
2014-03-05 Dietmar Maureradd optimization as last step
2014-03-05 Dietmar Maureruse parse_address_list to validate IP list
2014-03-05 Dietmar Maurergenerate chains for openvz venet
2014-03-05 Dietmar Maureradd veth chain to is_pvefw_chain()
2014-03-05 Dietmar Maurerstart openvz support
2014-03-05 Dietmar Maureruse underscore instead of hyphen for fw options
2014-03-05 Dietmar Maureradd nf_conntrack_max to example config
2014-03-05 Dietmar Maurerimplement nf_conntrack_max option
2014-03-05 Dietmar Maurercleanup - avoid warning about undefined value
2014-03-05 Dietmar Maurercleanups - use better names
2014-03-04 Dietmar Maurerimprove logging
2014-03-04 Dietmar Maurercorrectly init PVEFW-FORWARD chain
2014-03-04 Dietmar Maureradd $bridge-OUT chain to PVEFW-INPUT
2014-03-04 Dietmar Maurerclear mark when entering tapXZY-OUT chain
2014-03-04 Dietmar Maurercorrectly implement policy for host firewall
2014-03-04 Dietmar Maurerfactor out code to produce policy rules
2014-03-04 Dietmar Maurerfix comment
2014-03-04 Dietmar Maurerremove unnecessary rule
2014-03-04 Dietmar Maurers/enablehostfw/enable_host_firewall/
2014-03-04 Dietmar Maurermake sure syncookies are enabled
2014-03-04 Dietmar Maureruse PVE::ProcFSTools::write_proc_entry instead of syste...
2014-03-04 Dietmar Maurercleanup ruleset_generate_rule()
2014-03-04 Dietmar Maurerimprove clean target
2014-03-04 Dietmar Maurerremove stale file
2014-03-03 Dietmar Maurermerge IN/OUT section into RULES section
2014-03-03 Dietmar Maurerassemble debian package
2014-02-28 Dietmar Maurerimplement log_level_in and log_level_out options
2014-02-28 Dietmar Maurerimplement log level options
2014-02-28 Dietmar Maureruse a file to store firewall status persistently.
2014-02-28 Dietmar MaurerignoreZ source/destination port if no protocol specified
2014-02-27 Dietmar Maureruse defined() to check fot undefined value
2014-02-27 Dietmar Maurerimprove multiport rule generator
2014-02-27 Dietmar Maurerfix Ping macro
2014-02-27 Dietmar Maurerimprove example
2014-02-27 Dietmar Maurerallow to disable single rules, and add ability to add...
2014-02-27 Dietmar Maureradd 'dhcp' option (enabled by default)
2014-02-27 Dietmar Maureruse PVEFW-reject instead of REJECT
2014-02-27 Dietmar Maureraccept traffic to unmanaged bridge ports
2014-02-27 Dietmar Maurercorrectly apply macros
2014-02-26 Dietmar Maurerimplement nosmurfs options (enabled by default)
2014-02-26 Dietmar Maurerimplement option 'tcpflags' to log illegal combinations...
2014-02-26 Dietmar Maurermake mac address filtering optional (default enabled)
2014-02-26 Dietmar Maureruse chains from previous commit to reduce logging
2014-02-26 Dietmar Maureradd some useful chains
2014-02-26 Dietmar Maureradd a way to define some default chains
2014-02-26 Dietmar Maurerfix multiport rules and add icmp type names
2014-02-26 Dietmar Maurercleanups
2014-02-26 Dietmar Maureralways use PVEFW-SET-ACCEPT-MARK for OUT chain
2014-02-26 Alexandre Derumierbridge rules : -j ACCEPT for physical interfaces
2014-02-25 Alexandre Derumieruse RETURN instead ACCEPT for tap-out rules
2014-02-25 Dietmar Maurerimplement VM policy option