| 2013-11-07 |
Jo-Philipp Wich | Use a global -m conntrack --ctstate DNAT rule to accept...
|
commit | commitdiff | tree |
| 2013-10-23 |
Steven Barth | Improve ubus support
|
commit | commitdiff | tree |
| 2013-10-10 |
Jo-Philipp Wich | Use fw3_ipt_rule_replace() when setting up zone interface...
|
commit | commitdiff | tree |
| 2013-10-10 |
Jo-Philipp Wich | Use fw3_ipt_rule_replace() when setting up reflection
|
commit | commitdiff | tree |
| 2013-10-10 |
Jo-Philipp Wich | Allow any protocol for reflection rules
|
commit | commitdiff | tree |
| 2013-08-14 |
Jo-Philipp Wich | Reorganize chain layout for raw/NOTRACK rules to fix...
|
commit | commitdiff | tree |
| 2013-08-14 |
Jo-Philipp Wich | Use "-j CT --notrack" instead of deprecated "-j NOTRACK"
|
commit | commitdiff | tree |
| 2013-08-14 |
Jo-Philipp Wich | Revert "Make sure that NOTRACK is linked into firewall3...
|
commit | commitdiff | tree |
| 2013-08-14 |
Jo-Philipp Wich | Make sure that NOTRACK is linked into firewall3 if...
|
commit | commitdiff | tree |
| 2013-07-16 |
Jo-Philipp Wich | Treat redirects as port redirections if the specified...
|
commit | commitdiff | tree |
| 2013-06-29 |
Jo-Philipp Wich | Properly dereference struct ether_addr
|
commit | commitdiff | tree |
| 2013-06-29 |
Jo-Philipp Wich | Do not rely on ether_ntoa() when formatting mac addresses.
|
commit | commitdiff | tree |
| 2013-06-18 |
Jo-Philipp Wich | Don't mistreat unknown protocol names as "any protocol"
|
commit | commitdiff | tree |
| 2013-06-18 |
Jo-Philipp Wich | Fix processing of CIDRs with mask 0
|
commit | commitdiff | tree |
| 2013-06-13 |
Jo-Philipp Wich | Fix processing of negated options
|
commit | commitdiff | tree |
| 2013-06-13 |
Jo-Philipp Wich | Properly handle reject target in rules with specific...
|
commit | commitdiff | tree |
| 2013-06-06 |
Jo-Philipp Wich | Keep all basic chains on reload and only flush them...
|
commit | commitdiff | tree |
| 2013-06-06 |
Jo-Philipp Wich | Fix endian issue in compare_addr(), solves auto detection...
|
commit | commitdiff | tree |
| 2013-06-06 |
Jo-Philipp Wich | For ingress rules, only jump into zone_name_src_ACTION...
|
commit | commitdiff | tree |
| 2013-06-06 |
Jo-Philipp Wich | Implement limit and limit_burst options for rules.
|
commit | commitdiff | tree |
| 2013-06-05 |
Jo-Philipp Wich | Use zone_name_src_ACTION chain for input rules with...
|
commit | commitdiff | tree |
| 2013-06-05 |
Jo-Philipp Wich | Extend ipset option syntax to support specifying directions...
|
commit | commitdiff | tree |
| 2013-06-04 |
Jo-Philipp Wich | Fix wrong signature of fw3_xt_print_matches()
|
commit | commitdiff | tree |
| 2013-06-04 |
Jo-Philipp Wich | Add abstract fw3_xt_print_matches() and fw3_xt_print_target...
|
commit | commitdiff | tree |
| 2013-06-04 |
Jo-Philipp Wich | Fix wrong chain emitted for zone forward policy, the...
|
commit | commitdiff | tree |
| 2013-06-03 |
Jo-Philipp Wich | Decouple handle destroying from committing, add fw3_ipt_clos...
|
commit | commitdiff | tree |
| 2013-06-03 |
Jo-Philipp Wich | Do not let libxtables implicitely load extensions,...
|
commit | commitdiff | tree |
| 2013-05-27 |
Jo-Philipp Wich | Make IPv6 support optional
|
commit | commitdiff | tree |
| 2013-05-27 |
Jo-Philipp Wich | Add abstract fw3_xt_reset() implementation
|
commit | commitdiff | tree |
| 2013-05-27 |
Jo-Philipp Wich | Dynamically create rules for available libext*.a libraries...
|
commit | commitdiff | tree |
| 2013-05-27 |
Jo-Philipp Wich | Fix compatibility with older libiptc/libip6tc
|
commit | commitdiff | tree |
| 2013-05-26 |
Jo-Philipp Wich | Only emit different ip family warnings if the ip wasn...
|
commit | commitdiff | tree |
| 2013-05-26 |
Jo-Philipp Wich | Mark fw3_address objects that got resolved by fw3_parse_netw...
|
commit | commitdiff | tree |
| 2013-05-26 |
Jo-Philipp Wich | Change wording of inferred destination warning for...
|
commit | commitdiff | tree |
| 2013-05-26 |
Jo-Philipp Wich | Replace fw3_free_zone() with the generic implementation
|
commit | commitdiff | tree |
| 2013-05-26 |
Jo-Philipp Wich | Avoid segfault when freeing rules whose target could...
|
commit | commitdiff | tree |
| 2013-05-26 |
Jo-Philipp Wich | Infer destination zone of DNAT redirects from dest_ip...
|
commit | commitdiff | tree |
| 2013-05-26 |
Jo-Philipp Wich | Add fw3_resolve_zone_addresses() helper to obtain a...
|
commit | commitdiff | tree |
| 2013-05-26 |
Jo-Philipp Wich | Remove fw3_ubus_address_free() and use fw3_free_list...
|
commit | commitdiff | tree |
| 2013-05-26 |
Jo-Philipp Wich | Add fw3_free_list() helper
|
commit | commitdiff | tree |
| 2013-05-25 |
Jo-Philipp Wich | Fix output rules with "option dest *"
|
commit | commitdiff | tree |
| 2013-05-25 |
Jo-Philipp Wich | Allow devices for src_ip, src_dip and dest_ip options
|
commit | commitdiff | tree |
| 2013-05-24 |
Jo-Philipp Wich | Pass -Wl,--whole-archive and -Wl,--no-whole-archive...
|
commit | commitdiff | tree |
| 2013-05-23 |
Jo-Philipp Wich | Don't leak memory when encountering unknown match or...
|
commit | commitdiff | tree |
| 2013-05-23 |
Jo-Philipp Wich | Use weak function pointers to call extension init functions...
|
commit | commitdiff | tree |
| 2013-05-22 |
Jo-Philipp Wich | Limit zone names to 14 bytes
|
commit | commitdiff | tree |
| 2013-05-22 |
Jo-Philipp Wich | Add required ipset declarations for kernels < 3.7
|
commit | commitdiff | tree |
| 2013-05-22 |
Jo-Philipp Wich | Further fixes for zone reloads
|
commit | commitdiff | tree |
| 2013-05-22 |
Jo-Philipp Wich | Only perform selective reload if firewall was already...
|
commit | commitdiff | tree |
| 2013-05-21 |
Jo-Philipp Wich | Fix another crash bug if ipsets are supported but none...
|
commit | commitdiff | tree |
| 2013-05-21 |
Jo-Philipp Wich | Fix rules for custom filter chains
|
commit | commitdiff | tree |
| 2013-05-21 |
Jo-Philipp Wich | Do not print to pipe or close command if nothing was...
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Add missing libip6t_REJECT initialization
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Only initialize extensions we actually use
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Wait for ipsets to appear before continuing
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Restore iptables-save include functionality
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Also add comments for unnamed rules
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Only process selected family for print
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Include iptables command and table name in iptables...
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Add debug prints for policy setting, don't commit ruleset...
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Rename struct fw3_rule_spec to struct fw3_chain_spec...
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Remove now unused fw3_pr_rulespec()
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Remove now unused fw3_format_*() functions
|
commit | commitdiff | tree |
| 2013-05-17 |
Jo-Philipp Wich | Drop iptables-restore and create rules through libiptc...
|
commit | commitdiff | tree |
| 2013-05-13 |
Jo-Philipp Wich | Use libiptc to clear current ruleset
|
commit | commitdiff | tree |
| 2013-05-08 |
Jo-Philipp Wich | Force fsync() after writing statefile
|
commit | commitdiff | tree |
| 2013-05-08 |
Jo-Philipp Wich | Make reload atomic
|
commit | commitdiff | tree |
| 2013-05-06 |
Jo-Philipp Wich | Family "any" is not applicable to ipsets, default to...
|
commit | commitdiff | tree |
| 2013-05-02 |
Jo-Philipp Wich | Simplify ipset external checks and optionally initialize...
|
commit | commitdiff | tree |
| 2013-05-02 |
Jo-Philipp Wich | Check whether ipset exists before referencing it in...
|
commit | commitdiff | tree |
| 2013-05-02 |
Jo-Philipp Wich | Record device-network relation in state file, fix zone...
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Record default policies in state file
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Store ipset storage method and matches in state file...
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Send quit comment in fw3_destroy_ipsets() and initialize...
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Don't track family of ipsets
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Fix parsing of ipset datatypes
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Track ipsets in state file
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Write statefile flags in hexadecimal format
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Allow hex notation in int type options
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Add common fw3_address_to_string() helper function
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Remove referenced to unused FW3_FLAG_DELETED flag
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Remove unused "running" argument form fw3_lookup_ipset()
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Remove unused "running" argument form fw3_lookup_zone()
|
commit | commitdiff | tree |
| 2013-04-30 |
Jo-Philipp Wich | Split runtime and config states, store runtime state...
|
commit | commitdiff | tree |
| 2013-04-09 |
Jo-Philipp Wich | Add support for fwmark matches and targets
|
commit | commitdiff | tree |
| 2013-03-22 |
Jo-Philipp Wich | Increase compatibility to old firewall by initializing...
|
commit | commitdiff | tree |
| 2013-03-22 |
Jo-Philipp Wich | Fix parsing of '*' device and 'all' protocol value
|
commit | commitdiff | tree |
| 2013-03-21 |
Jo-Philipp Wich | Fix DNAT port remapping rules by not emitting 0.0.0...
|
commit | commitdiff | tree |
| 2013-03-19 |
Jo-Philipp Wich | Properly handle deleted zones and ipsets on restarts
|
commit | commitdiff | tree |
| 2013-03-19 |
Jo-Philipp Wich | Accept network names in per-zone subnet option
|
commit | commitdiff | tree |
| 2013-03-19 |
Jo-Philipp Wich | Also read addresses from "ipv6-prefix-assignment" ifstatus...
|
commit | commitdiff | tree |
| 2013-03-19 |
Jo-Philipp Wich | Rework option parsing to support emitting multiple...
|
commit | commitdiff | tree |
| 2013-03-19 |
Jo-Philipp Wich | Implement support for "network" datatype and use it...
|
commit | commitdiff | tree |
| 2013-03-18 |
Jo-Philipp Wich | Do not accept option src_mac for SNAT rules
|
commit | commitdiff | tree |
| 2013-03-14 |
Jo-Philipp Wich | Consolidate and unify argument order for functions
|
commit | commitdiff | tree |
| 2013-03-14 |
Jo-Philipp Wich | Only perform locking for start, stop, restart, reload...
|
commit | commitdiff | tree |
| 2013-03-14 |
Jo-Philipp Wich | Implement reload option for includes to decide whether...
|
commit | commitdiff | tree |
| 2013-03-13 |
Jo-Philipp Wich | Make nat reflection src address configurable by introducing...
|
commit | commitdiff | tree |
| 2013-03-13 |
Jo-Philipp Wich | Emit hotplug calls when flushing / creating zone chains
|
commit | commitdiff | tree |
| 2013-03-13 |
Jo-Philipp Wich | Unify fw3_default and fw3_target enums
|
commit | commitdiff | tree |
| next |
projects / project / firewall3.git / search