summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2009-12-230.13.7-47+jenner15vyatta/3.4.7/i386debian/0.13.7-47+jenner15jennerMohit Mehta
2009-12-23Fix Bug 5173 Firewall becomes out of sync with iptables when logging is enabledMohit Mehta
on an inpect rule - increment number of rules with inspect + logging
2009-08-310.13.7-47+jenner14vyatta/3.4.6/i386vyatta/3.4.5/i386vyatta/3.4.4/i386debian/0.13.7-47+jenner14Mohit Mehta
2009-08-310.13.7-47+jenner13debian/0.13.7-47+jenner13debian/0.13.7-47+jenner12Mohit Mehta
2009-08-270.13.7-47+jenner12rbays
2009-08-27fix for bug 4794 SIP Helper/ALG module does not translate RTP traffic...rbays
added new configuration parameters: firewall conntrack-options sip enable-indirect-media firewall conntrack-options sip enable-indirect-signalling
2009-08-060.13.7-47+jenner11debian/0.13.7-47+jenner11Mohit Mehta
2009-08-06prevent possible situation where the two iptables rules for match conditionMohit Mehta
'recent' have different match conditions by moving code for recent to last
2009-07-310.13.7-47+jenner10debian/0.13.7-47+jenner10Stig Thormodsrud
2009-07-31Another attempt to fix 4760.Stig Thormodsrud
2009-07-100.13.7-47+jenner9vyatta/3.4.2/i386vyatta/3.4.1/i386vyatta/3.4.0/i386debian/0.13.7-47+jenner9Stig Thormodsrud
2009-07-10Fix 4683: Firewall Rule number maximum 1024 reachedStig Thormodsrud
2009-06-150.13.7-47+jenner8vyatta/3.3.99test3/i386vyatta/3.3.99test3/amd64vyatta/3.3.99test2/i386vyatta/3.3.99test1/i386debian/0.13.7-47+jenner8Stig Thormodsrud
2009-06-15Fix negate of firewall group.Stig Thormodsrud
2009-06-15Firewall groups fail on bootup - change syntax check to commit check.Stig Thormodsrud
2009-06-140.13.7-47+jenner7debian/0.13.7-47+jenner7Stig Thormodsrud
2009-06-14Fix 4581: Firewall name issue causes failed commitStig Thormodsrud
2009-06-12remove pseudo-ethernet vifStephen Hemminger
2009-06-020.13.7-47+jenner6debian/0.13.7-47+jenner6Stig Thormodsrud
2009-06-02Change syntax err msg from default-policy to default-action.Stig Thormodsrud
2009-06-020.13.7-47+jenner5debian/0.13.7-47+jenner5Stig Thormodsrud
2009-06-02Merge branch 'jenner' of http://git.vyatta.com/vyatta-cfg-firewall into jennerStig Thormodsrud
2009-06-02Change firewall default-policy to default-action.Stig Thormodsrud
2009-06-020.13.7-47+jenner4debian/0.13.7-47+jenner4Mohit Mehta
2009-06-02* fix syntax error messageMohit Mehta
2009-06-020.13.7-47+jenner3debian/0.13.7-47+jenner3Stig Thormodsrud
2009-06-02Merge branch 'jenner' of http://git.vyatta.com/vyatta-cfg-firewall into jennerStig Thormodsrud
2009-06-02Make firewall group comp_help more consistent with the rest of the cli.Stig Thormodsrud
2009-06-020.13.7-47+jenner2debian/0.13.7-47+jenner2Mohit Mehta
2009-06-02* add default value of 1 for 'limit burst' in its node.defMohit Mehta
* add comp_help for 'limit rate' * make sure 'limit rate' is not less than 1/time unit
2009-05-290.13.7-47+jenner1debian/0.13.7-47+jenner1An-Cheng Huang
2009-05-280.13.7-47debian/0.13.7-47Bob Gilligan
2009-05-28Bugfix 4462: Fix typo in interface name references.Bob Gilligan
2009-05-270.13.7-46debian/0.13.7-46Mohit Mehta
2009-05-27explicitly set conntrack table size to 16384 on system bootMohit Mehta
2009-05-22remove unused ifrenameStephen Hemminger
2009-05-140.13.7-45debian/0.13.7-45Stig Thormodsrud
2009-05-14Fix 4390: Firewall config error: Cannot specify multiple ports when bothStig Thormodsrud
source and destination ports are specified.
2009-05-130.13.7-44debian/0.13.7-44Mohit Mehta
2009-05-13rectify regex checkMohit Mehta
2009-05-120.13.7-43debian/0.13.7-43Mohit Mehta
2009-05-12Fix Bug 4394 reject is an invalid action for rules in modify rulesetsMohit Mehta
* remove reject as an allowed value for action field in modify & ipv6-modify firewall rulesets
2009-05-110.13.7-42debian/0.13.7-42Mohit Mehta
2009-05-11Add 'reject' as a configurable value for default-policyMohit Mehta
under name and ipv6-name rulesets
2009-05-080.13.7-41debian/0.13.7-41Mohit Mehta
2009-05-08Fix Bug 4388 firewall name shouldn't have been set after commit failedMohit Mehta
* undo chain setup and refcnt work if chain rule failed during chain creation
2009-05-08Bugfix 4340: Enable net.netfilter.nf_conntrack_tcp_be_liberal by default.Bob Gilligan
The parameter in question loosens the "acceptability" check on TCP sequence and ACK numbers in the TCP conntrack module. This allows connection tracking to survive certain cases where packet loss would cause it to loose sync with the TCP endpoints.
2009-05-050.13.7-40debian/0.13.7-40Mohit Mehta
2009-05-05* don't allow user to create a chain that exists in the system. This may beMohit Mehta
either vyatta/user defined chains or system chains such as INPUT, OUTPUT etc. * don't allow user to create chains with name starting from 'VZONE'. This is reserved for zone chains created by us.
2009-05-010.13.7-39debian/0.13.7-39Mohit Mehta
generated by cgit v1.2.3 (git 2.39.1) at 2025-09-01 08:29:45 +0000