| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2018-03-14 | Task T35 change to place ipv6 address-groups and network groups under group ↵ | Marian Tudosoiu | |
| config tree | |||
| 2018-03-12 | Task T35 add generation of SNMP traps on firewall config changes | Marian Tudosoiu | |
| 2018-03-12 | Task T35 - add support for IPv6 firewall adddress and network groups | Marian Tudosoiu | |
| 2018-02-19 | Bug #T171 fix Open Task T171 Unable to Delte Rule | mtudosoiu | |
| 2017-09-14 | Revert "Added support for local PBR to gen-interface-policy-templates.pl" | Daniil Baturin | |
| This reverts commit b30b5c66b7d6f4c12c37a642319dd39f8613f74a. | |||
| 2017-04-27 | update the way status of snmpd is called | Kim | |
| 2016-05-20 | Revert "vyatta-cfg-firewall: update nfct commands to use the new syntax" | Kim Hagen | |
| Debian jessie version still uses older syntax This reverts commit 8c08408d1309b2664067b3a793d7df3b24d36cf3. | |||
| 2016-01-24 | 0.14.0+vyos2+current1debian/0.14.0+vyos2+current1 | Kim Hagen | |
| 2015-12-24 | Fix runtime depends. | Thomas Jepp | |
| 2015-12-16 | Fix build depends. | Thomas Jepp | |
| 2015-12-12 | 0.14.0+vyos2+lithium16debian/0.14.0+vyos2+lithium16 | Alex Harpin | |
| 2015-12-12 | vyatta-cfg-firewall: update network-group check to allow "this" network | Alex Harpin | |
| Update the check for network-groups to allow zero net addresses as they are accepted by the current version of ipset used in VyOS, rejecting only the 0.0.0.0/0 address. This allows the "this" network (0.0.0.0/8) to be used in network-groups. Bug #628 http://bugzilla.vyos.net/show_bug.cgi?id=628 | |||
| 2015-12-12 | vyatta-cfg-firewall: formatting changes for style consistency | Alex Harpin | |
| Update lib/Vyatta/Iptables/AddressFilter.pm, IpSet.pm, Mgr.pm and Rule.pm to maintain style and consistency. | |||
| 2015-11-29 | 0.14.0+vyos2+lithium15debian/0.14.0+vyos2+lithium15 | Alex Harpin | |
| 2015-11-28 | vyatta-cfg-firewall: drop executable permissions on node.defs | Alex Harpin | |
| Drop the executable permissions present on a number of node.defs to remove lintian warnings. | |||
| 2015-11-28 | vyatta-cfg-firewall: check rules for errors before processing them | Alex Harpin | |
| Errors in firewall rules can cause either rules to be overwritten (completely or partially), dropped entirely, or just ending up with an inconsistent state in comparison to the current configuration. This can lead to unpredictable firewall results, which can't even be corrected by deleting all the firewall rules, only a reboot or manual intervention will correct the issue. Checking these rules for consistency in a separate loop before they are applied allows the errors to flagged up and the commit failed before the iptables are touched. Bug #623 http://bugzilla.vyos.net/show_bug.cgi?id=623 | |||
| 2015-11-28 | vyatta-cfg-firewall: formatting changes for style consistency | Alex Harpin | |
| Update scripts/firewall/vyatta-firewall.pl to maintain style and consistency. | |||
| 2015-11-28 | vyatta-cfg-firewall: update nfct commands to use the new syntax | Alex Harpin | |
| Update the nfcft commands to use the new style syntax rather than the old, following the update of conntrack-tools to 1.4.3. | |||
| 2015-10-24 | 0.14.0+vyos2+lithium14debian/0.14.0+vyos2+lithium14 | Alex Harpin | |
| 2015-10-24 | vyatta-cfg-firewall: temporarily disable p2p option in firewall config | Alex Harpin | |
| Both the userspace library and the associated kernel module for the iptables ipp2p match target are currently missing and so this configuration returns an error when used. Disabling this option temporarily until the above issue has been resolved. Bug #602 http://bugzilla.vyos.net/show_bug.cgi?id=602 | |||
| 2015-06-24 | 0.14.0+vyos2+lithium13debian/0.14.0+vyos2+lithium13 | Alex Harpin | |
| 2015-06-24 | vyatta-cfg-firewall: add port 1536 to the initial ct helper chain | Alex Harpin | |
| Add port 1536 to the initial VYATTA_CT_HELPER chain inline with the conntrack sqlnet module change in vyatta-conntrack. Bug #412 http://bugzilla.vyos.net/show_bug.cgi?id=412 | |||
| 2015-06-15 | 0.14.0+vyos2+lithium12debian/0.14.0+vyos2+lithium12 | Alex Harpin | |
| 2015-06-15 | vyatta-cfg-firewall: update dh_gencontrol with new development flag | Alex Harpin | |
| 2015-05-15 | Merge pull request #4 from pasikarkkainen/local-pbr | Daniil Baturin | |
| Bug #252: Add support for local PBR | |||
| 2015-05-14 | Added support for local PBR to gen-interface-policy-templates.pl | Pasi Karkkainen | |
| 2015-05-14 | Added support for local PBR to vyatta-firewall.pl | Pasi Karkkainen | |
| 2015-05-14 | 0.14.0+vyos2+lithium11debian/0.14.0+vyos2+lithium11 | Daniil Baturin | |
| 2015-05-14 | Missing comma in gen-interface-templates script interface hash. | Daniil Baturin | |
| 2015-05-03 | 0.14.0+vyos2+lithium10debian/0.14.0+vyos2+lithium10 | Daniil Baturin | |
| 2015-05-03 | http://bugzilla.vyos.net/show_bug.cgi?id=494 | Carl Byington | |
| Signed-off-by: Daniil Baturin <daniil@baturin.org> | |||
| 2015-05-03 | fix syntax error from sorting | Carl Byington | |
| Signed-off-by: Daniil Baturin <daniil@baturin.org> | |||
| 2015-05-03 | fix syntax error from sorting | Carl Byington | |
| Signed-off-by: Daniil Baturin <daniil@baturin.org> | |||
| 2015-05-03 | add interfaces/vti/<intf>/policy add ↵ | Carl Byington | |
| interfaces/ethernet/<intf>/vrrp/vrrp-group/policy remove interfaces/ethernet/<intf>/pppoa cleanup and sort lists of interfaces Signed-off-by: Daniil Baturin <daniil@baturin.org> | |||
| 2015-05-03 | add firewall config for vrrp interfaces | Carl Byington | |
| Signed-off-by: Daniil Baturin <daniil@baturin.org> | |||
| 2015-05-03 | add firewall config for vrrp interfaces | Carl Byington | |
| Signed-off-by: Daniil Baturin <daniil@baturin.org> | |||
| 2015-05-03 | 0.14.0+vyos2+lithium9debian/0.14.0+vyos2+lithium9 | Daniil Baturin | |
| 2015-05-03 | Bug #406: display uncommited firewall group names in completion. | Daniil Baturin | |
| 2015-04-09 | 0.14.0+vyos2+lithium8debian/0.14.0+vyos2+lithium8 | Daniil Baturin | |
| 2015-04-09 | Sanitize the package. | Daniil Baturin | |
| Add dependency on iptables. Don't build the cfg-serial package and don't generate templates for it, serial interfaces support is long dead. Generate templates for dummy interfaces. | |||
| 2015-02-17 | 0.14.0+vyos2+lithium7debian/0.14.0+vyos2+lithium7 | Daniil Baturin | |
| 2015-02-16 | Merge pull request #2 from kouak/lithium | Daniil Baturin | |
| Add SNPT and DNPT firewall hooks and load ip6t_NPT kernel module (#387) | |||
| 2015-02-15 | Add SNPT and DNPT firewall hooks and load ip6t_NPT kernel module (#387) | kouak | |
| 2015-02-14 | 0.14.0+vyos2+lithium6debian/0.14.0+vyos2+lithium6 | Daniil Baturin | |
| 2015-02-14 | Bug #487: complete names for added but not commited firewall rulesets. | Daniil Baturin | |
| 2014-12-25 | 0.14.0+vyos2+lithium5debian/0.14.0+vyos2+lithium5 | Alex Harpin | |
| 2014-12-25 | Update maintainer address | Alex Harpin | |
| 2014-12-15 | 0.14.0+vyos2+lithium4debian/0.14.0+vyos2+lithium4 | Alex Harpin | |
| 2014-12-15 | Force release | Alex Harpin | |
| 2014-11-21 | 0.14.0+vyos2+lithium3debian/0.14.0+vyos2+lithium3 | Daniil Baturin | |
 |
index : vyatta-cfg-firewall.git | |
| Configuration templates and scripts for the firewall subsystem. (mirror of https://github.com/vyos/vyatta-cfg-firewall.git) |
| summaryrefslogtreecommitdiff |