| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2009-05-05 | 0.13.7-40debian/0.13.7-40 | Mohit Mehta | |
| 2009-05-05 | * don't allow user to create a chain that exists in the system. This may be | Mohit Mehta | |
| either vyatta/user defined chains or system chains such as INPUT, OUTPUT etc. * don't allow user to create chains with name starting from 'VZONE'. This is reserved for zone chains created by us. | |||
| 2009-05-01 | 0.13.7-39debian/0.13.7-39 | Mohit Mehta | |
| 2009-05-01 | * setup table only for specific tree, not both filter and mangle | Mohit Mehta | |
| as we teardown table only for the tree that was in the CLI * remove 'next' statement for removed for loop * fix Bug 4244 - Committing firewall changes breaks WAN Load-balancing (WLB) we only delete chains that are configured under firewall and don't touch chains that might be owned by other features such as zone based firewall, WLB * remove unused code, code cleanup | |||
| 2009-04-29 | 0.13.7-38debian/0.13.7-38 | Bob Gilligan | |
| 2009-04-29 | Handle files moved from other packages to this package. | Bob Gilligan | |
| Add "Replace:" clause for each package from which files were moved. | |||
| 2009-04-29 | 0.13.7-37debian/0.13.7-37 | Stephen Hemminger | |
| 2009-04-29 | Rename virtual-ethernet to pseudo-ethernet | Stephen Hemminger | |
| 2009-04-27 | 0.13.7-36debian/0.13.7-36 | Mohit Mehta | |
| 2009-04-27 | outlaw applying firewall to an interface that is defined under a zone | Mohit Mehta | |
| 2009-04-27 | 0.13.7-35debian/0.13.7-35 | Stig Thormodsrud | |
| 2009-04-27 | Disable firewall debuging by default. | Stig Thormodsrud | |
| 2009-04-24 | 0.13.7-34debian/0.13.7-34 | Stig Thormodsrud | |
| 2009-04-24 | enable/disable conntrack separately for ipv4/ipv6 | Stig Thormodsrud | |
| 2009-04-24 | 0.13.7-33debian/0.13.7-33 | Stig Thormodsrud | |
| 2009-04-24 | Move setup/teardown out from top-level firewall node. | Stig Thormodsrud | |
| Add refcnts to know when to teardown. | |||
| 2009-04-24 | 0.13.7-32debian/0.13.7-32 | Bob Gilligan | |
| 2009-04-24 | bugfix 4297: Don't allow modify rulesets on local traffic. | Bob Gilligan | |
| 2009-04-24 | Add support for virtual-ethernet | Stephen Hemminger | |
| 2009-04-22 | 0.13.7-31debian/0.13.7-31 | Mohit Mehta | |
| 2009-04-22 | Fix Bug 4261 - Features missing in various firewall sub-trees | Mohit Mehta | |
| add 'disable', 'fragment', 'ipsec', and 'recent' under 'firewall modify' tree | |||
| 2009-04-13 | 0.13.7-30debian/0.13.7-30 | Bob Gilligan | |
| 2009-04-13 | Add conntrack and post firewall hooks for IPv6. | Bob Gilligan | |
| 2009-04-13 | 0.13.7-29debian/0.13.7-29 | Stig Thormodsrud | |
| 2009-04-13 | Fix bug where an empty firewall rule deletes the default drop policy. | Stig Thormodsrud | |
| 2009-04-13 | Move firewall "end" processing down to each table. | Stig Thormodsrud | |
| Fix bug for global enable/disable of conntrack. | |||
| 2009-04-09 | 0.13.7-28debian/0.13.7-28 | Stig Thormodsrud | |
| 2009-04-09 | Add ability for firename to select default policy. | Stig Thormodsrud | |
| 2009-04-08 | Fix faulty search loop. | Stig Thormodsrud | |
| 2009-04-07 | 0.13.7-27debian/0.13.7-27 | Stig Thormodsrud | |
| 2009-04-07 | Apply interface firewalls to separate VYATTA_(IN|OUT)_HOOK. | Stig Thormodsrud | |
| This enforces in firewall to be processed before out firewall. | |||
| 2009-04-03 | 0.13.7-26debian/0.13.7-26 | Bob Gilligan | |
| 2009-04-03 | Bugfix 4261: Add support to configure "limit" for IPv6 modify rulesets. | Bob Gilligan | |
| 2009-04-03 | 0.13.7-25debian/0.13.7-25 | Bob Gilligan | |
| 2009-04-03 | Bugfix 4261: Add support to configure "limit" in IPv6. | Bob Gilligan | |
| 2009-03-31 | 0.13.7-24debian/0.13.7-24 | Stig Thormodsrud | |
| 2009-03-31 | Remove extra carriage return that was breaking the generated firewall | Stig Thormodsrud | |
| template. | |||
| 2009-03-30 | Cleanup perl code that generates templates | Stephen Hemminger | |
| 1. Check for errors in open/mkdir 2. Use mkdir_p in perl rather than calling system 3. Use Perl Best Practices style 3 arg open 4. Put less blank lines in templates 5. reindent with perltidy 6. turn on warnings | |||
| 2009-03-27 | Revert "Allow user configurable default-policy on firewall." | Stig Thormodsrud | |
| Further test identified a problem. The patch is broken if a packet must do both an in & out filter. This reverts commit 754d0f4d855a59020afa20ad8867218708b5c978. | |||
| 2009-03-27 | Allow user configurable default-policy on firewall. | Stig Thormodsrud | |
| 2009-03-26 | 0.13.7-23debian/0.13.7-23 | Mohit Mehta | |
| 2009-03-26 | * add 'redirect' to Valid ICMPv6 Types | Mohit Mehta | |
| * add comp_help for ICMPv4 type-name | |||
| 2009-03-13 | 0.13.7-22debian/0.13.7-22 | Stephen Hemminger | |
| 2009-03-13 | Merge branch 'jenner' of suva.vyatta.com:/git/vyatta-cfg-firewall into jenner | Stephen Hemminger | |
| 2009-03-12 | Doing strict ES won't work for router | Stephen Hemminger | |
| Need a different kind of filter to fix 4061. (Not sure if it is even possible as firewall rule since it depends on quagga config rules). | |||
| 2009-03-12 | 0.13.7-21debian/0.13.7-21 | Stephen Hemminger | |
| 2009-03-12 | Don't use -P | Stephen Hemminger | |
| Changing default property of rules screws up other things | |||
| 2009-03-12 | Enable strict host matching | Stephen Hemminger | |
| Bug 4061 Host (INPUT) chain will only accept packets where destination address matches address on incoming interface. | |||
| 2009-03-10 | 0.13.7-20debian/0.13.7-20 | Bob Gilligan | |
| 2009-03-10 | Bugfix 4203: Name of template should be classical-ipoa, not classical_ipoa | Bob Gilligan | |
 |
index : vyatta-cfg-firewall.git | |
| Configuration templates and scripts for the firewall subsystem. (mirror of https://github.com/vyos/vyatta-cfg-firewall.git) |
| summaryrefslogtreecommitdiff |