vyos-1x.git/data/templates/firewall, branch vyos/1.5dev0 VyOS command definitions, scripts, and utilities (mirror of https://github.com/marekm72/vyos-1x.git) https://git.amelek.net/marekm72/vyos-1x.git/atom?h=vyos%2F1.5dev0 2023-08-26T21:20:22+00:00 firewall: T5080: Disable conntrack unless required by rules 2023-08-26T21:20:22+00:00 sarthurdev 965089+sarthurdev@users.noreply.github.com 2023-08-26T21:02:10+00:00 urn:sha1:6b5d3568b88fad9cda694c0cd8b82c1f16773b15 firewall: T5160: Remove unused zone template 2023-08-25T14:51:49+00:00 sarthurdev 965089+sarthurdev@users.noreply.github.com 2023-08-25T11:59:31+00:00 urn:sha1:2509a1ab84cdb6d9389b547f93b0904cf329e78a interface: T3509: Add per-interface IPv6 source validation 2023-08-25T14:51:49+00:00 sarthurdev 965089+sarthurdev@users.noreply.github.com 2023-08-25T11:54:47+00:00 urn:sha1:b6f742716da5f89c7f3f3501220e0f3ae1df45d8 firewall: T3509: Add support for IPv6 return path filtering 2023-08-25T13:53:30+00:00 sarthurdev 965089+sarthurdev@users.noreply.github.com 2022-09-29T11:59:10+00:00 urn:sha1:d62f8ed1e3608d82e3e4fb7566817839023aa39c T5160: firewall refactor: move <set firewall ipv6 ipv6-name ...> to <set firewall ipv6 name ...> . Also fix some unexpected behaviour with geoip. 2023-08-11T14:50:00+00:00 Nicolas Fort nicolasfort1988@gmail.com 2023-07-03T19:32:37+00:00 urn:sha1:0300bf433d9aaff81fdecf9eeaabba8d06c1999f T5160: firewall refactor: fix firewall template for correct rule parsing that contains fqnd and/or geo-ip in base chains. Fix mig script 2023-08-11T14:50:00+00:00 Nicolas Fort nicolasfort1988@gmail.com 2023-06-02T14:35:26+00:00 urn:sha1:dbb069151f372ea521fad2edcd83f2d33631e6c7 T5160: firewall refactor: change firewall ip to firewall ipv4 2023-08-11T14:49:54+00:00 Nicolas Fort nicolasfort1988@gmail.com 2023-05-31T15:07:42+00:00 urn:sha1:68d14fe80145542ffd08a5f7d5cde6c090a0de07 T5160: firewall refactor: new cli structure. Update jinja templates, python scripts and src firewall 2023-08-11T14:40:55+00:00 Nicolas Fort nicolasfort1988@gmail.com 2023-05-23T17:53:57+00:00 urn:sha1:a8244928af84e65dcc9833e14e2de3324b484977 T5333: Set prefix UD for PBR generated user-defined chain names 2023-07-03T11:34:10+00:00 Viacheslav Hletenko v.gletenko@vyos.io 2023-07-03T11:34:10+00:00 urn:sha1:5cf503955377d138c626b2c8157eab71b1fa8fad We cannot use some specific names like POSTROUTING/PREROUTING as for PBR they overlaps with VyOS defined chains Chains aftoconfigured by VyOS itself: chain VYOS_PBR_PREROUTING chain VYOS_PBR_POSTROUTING If we try to use chain name "POSTROUTING" it generates 2 chains with the same name "chain VYOS_PBR_POSTROUTING" one is autoconfigured and the second defined by user set policy route POSTROUTING rule 100 Add the user-defined (UD) prefix to separate user defined names That allows to use any user-defined names T5128: Policy Route: allow wildcard on interface 2023-03-31T12:28:24+00:00 Nicolas Fort nicolasfort1988@gmail.com 2023-03-30T12:55:30+00:00 urn:sha1:599c5405e7ff5b76aa774b8cc97a82fbc053d46c