Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-01-28 | firewall: T4217: install protocol tcp_udp if port group does not use a protocol | Christian Poessinger | |
2022-01-27 | Merge pull request #1194 from sarthurdev/T4213 | Christian Poessinger | |
policy: T4213: Fix rule creation/deletion for IPv6 policy routes | |||
2022-01-27 | policy: T4213: Fix rule creation/deletion for IPv6 policy routes | sarthurdev | |
2022-01-27 | Merge pull request #1190 from sever-sever/T4194 | Christian Poessinger | |
policy: T4194: Add prefix-list duplication checks | |||
2022-01-27 | Merge pull request #1193 from sarthurdev/T4178 | Christian Poessinger | |
firewall: T4178: Fix tcp flags output when `not` isn't used | |||
2022-01-27 | firewall: T4178: Fix tcp flags output when `not` isn't used | sarthurdev | |
2022-01-26 | Merge pull request #1191 from sever-sever/T4138 | Christian Poessinger | |
nat: T4138: Add port-range validation for NAT | |||
2022-01-26 | Merge pull request #1192 from sarthurdev/T4212 | Christian Poessinger | |
pki: T4212: Catch `install_into_config` errors and output for manual command entry | |||
2022-01-26 | pki: T4212: Catch `install_into_config` errors and output for manual command ↵ | sarthurdev | |
entry | |||
2022-01-25 | nat: T4138: Add port-range validation for NAT | Viacheslav Hletenko | |
Add port-validators for NAT rules that prevent to set incorrect port-ranges (21-5) and incorrect ports (70000) | |||
2022-01-25 | Merge pull request #1189 from sever-sever/T3872 | Christian Poessinger | |
monitoring: T3872: Delete iptables input plugin as we use nft | |||
2022-01-25 | policy: T4194: Add prefix-list duplication checks | Viacheslav Hletenko | |
Prefix-list should not be duplicatied as FRR doesn't accept it One option when it can be duplicated when it uses "le" or "ge" | |||
2022-01-25 | monitoring: T3872: Delete iptables input plugin as we use nft | Viacheslav | |
Telegraf inputs iptables plugin incompatible with nftables As it tries to get statistics from "iptables -L -n -v" which doesnt display required data in 1.4 as we don't use iptables anymore | |||
2022-01-25 | Merge pull request #1188 from sever-sever/T4205 | Christian Poessinger | |
sshd: T4205: Hide extra version suffix "Debian" | |||
2022-01-25 | sshd: T4205: Hide extra version suffix "Debian" | Viacheslav Hletenko | |
Disable distribution-specified extra version suffix is included during initial protocol handshake SSH-2.0-OpenSSH_8.4p1 Debian-5 => SSH-2.0-OpenSSH_8.4p1 | |||
2022-01-22 | Merge pull request #1186 from nicolas-fort/T4153 | Christian Poessinger | |
bandwidth-test: T4153: Fixed bandwidth-test initiate | |||
2022-01-22 | bandwidth-test: T4153: Fixed bandwidth-test initiate, which was not working ↵ | Nicolas Fort | |
with ipv4 | |||
2022-01-22 | Merge pull request #1184 from sarthurdev/firewall_icmp | Christian Poessinger | |
firewall: T4130: T4186: ICMP/v6 updates, ipv6 state policy check fix | |||
2022-01-21 | Firewall: T4186: Adding icmpv6 corrections, in corcondancy of what was done ↵ | Nicolas Fort | |
for icmp | |||
2022-01-21 | Firewall: T4186: typo correction on address-mask-reply description | Nicolas Fort | |
2022-01-21 | Firewall: T4186: Correct icmp type-name options for firewall rules | Nicolas Fort | |
2022-01-21 | firewall: T2199: Verify correct ICMP protocol for ipv4/ipv6 | sarthurdev | |
2022-01-21 | firewall: T4186: ICMP/v6 migrations | sarthurdev | |
2022-01-21 | firewall: T4130: Use correct table to check for state policy rule | sarthurdev | |
2022-01-21 | Merge pull request #1183 from hensur/current-ipv6-local-route | Christian Poessinger | |
policy: T4151: Bugfix policy ipv6-local-route | |||
2022-01-21 | policy: T4151: Bugfix policy ipv6-local-route | Henning Surmeier | |
2022-01-21 | Merge pull request #1180 from goodNETnick/dhcp-client-prefix | Christian Poessinger | |
DHCP: T4196: fix client-prefix-length parameter | |||
2022-01-20 | DHCP: T4196: fix client-prefix-length parameter | goodNETnick | |
2022-01-20 | Merge pull request #1182 from jestabro/migrate-while-udev | Christian Poessinger | |
interface-names: T3871: use tempfile during virtual migration | |||
2022-01-20 | Merge pull request #1181 from sarthurdev/firewall | Christian Poessinger | |
firewall: T2199: Add log prefix to match legacy perl behaviour | |||
2022-01-20 | interface-names: T3871: use tempfile during virtual migration | John Estabrook | |
Use tempfile to avoid race conditions during virtual migration. | |||
2022-01-20 | Merge pull request #1144 from hensur/current-ipv6-local-route | Christian Poessinger | |
policy: T4151: Add policy ipv6-local-route | |||
2022-01-20 | firewall: T2199: Add log prefix to match legacy perl behaviour | sarthurdev | |
Example syslog: [FWNAME-default-D] ... * Also clean-up firewall default-action | |||
2022-01-19 | Merge pull request #1177 from sarthurdev/mac_groups | Christian Poessinger | |
firewall: T3560: Add support for MAC address groups | |||
2022-01-19 | Merge pull request #1176 from sarthurdev/firewall | Christian Poessinger | |
firewall: T1292: T2199: Cleanup rules used by chain to be deleted, check if chain in use by zone-policy | |||
2022-01-19 | Merge pull request #1179 from fett0/T4195 | Christian Poessinger | |
OSPF : T4195: ability to set maximum paths for OSPF | |||
2022-01-19 | OSPF : T4195: ability to set maximum paths for OSPF | fett0 | |
2022-01-18 | firewall: T2199: Raise ConfigError if deleted node is used in zone-policy | sarthurdev | |
2022-01-18 | firewall: policy: T1292: Clean up any rules required to delete a chain | sarthurdev | |
2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
2022-01-18 | Merge pull request #1178 from sarthurdev/firewall_T4188 | Christian Poessinger | |
firewall: T4188: Create default conntrack `FW_CONNTRACK` chain | |||
2022-01-18 | firewall: T4188: Create default conntrack `FW_CONNTRACK` chain | sarthurdev | |
This chain was missing from the XML/Python rewrite thus all traffic fell through to the `notrack` rule. | |||
2022-01-17 | bgp: T3741: bugfix migrator - exit() was called without saving | Christian Poessinger | |
2022-01-17 | Merge pull request #1174 from sarthurdev/firewall | Christian Poessinger | |
firewall: T4178: T3873: tcp flags syntax refactor, intra-zone-filtering fix | |||
2022-01-17 | firewall: T2199: Fix `port-range` validator to accept service names | sarthurdev | |
2022-01-17 | zone-policy: T3873: Fix intra-zone-filtering return to zone default-action | sarthurdev | |
2022-01-17 | firewall: policy: T4178: Migrate and refactor tcp flags | sarthurdev | |
* Add support for ECN and CWR flags | |||
2022-01-16 | Revert "migrator: interfaces: T4171: bugfix ConfigTreeError" | Christian Poessinger | |
This reverts commit 29efbf51efea559773f61703f11a77a8aee6de36. | |||
2022-01-16 | Revert "migrator: interfaces: T4171: bugfix ConfigTreeError" | Christian Poessinger | |
This reverts commit 391ce22b76190309f81e048ebffab778b0fdee1d. | |||
2022-01-16 | dns-forwarding: T1595: remove unnecessary nesting in migration script 1 -> 2 | Christian Poessinger | |