Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-11-04 | Add dependency on version of vyatta-cfg-systemoxnard-nat-enhancements | Stephen Hemminger | |
Need version with pseudo-ethernet vif support (cherry picked from commit 1097c1d6e33341590d884dfdc5e172f9ad041e45) | |||
2011-11-04 | fix duplicate definiton in Makefile | Stephen Hemminger | |
Causes warning in Debian testing (cherry picked from commit 2b84bd692a6489eeba1fcfe5ecb1fb19c0dd8627) | |||
2011-11-04 | Add support for vif on pseudo-ethernet | Stephen Hemminger | |
(cherry picked from commit 0da55b5a617f711cbae8d642a26cb5bcc7658e7f) | |||
2011-11-04 | Fix Bug 7477 firewall group negation doesn't work in vc6.3 | Stig | |
* use Ipset.pm method rather than CLI path to validate group name when using group as a match condition in a firewall ruleset (cherry picked from commit 77e338a9b5e668fb1104e2fb939a90b4d73f7ab0) | |||
2011-11-04 | Fix README | Mohit Mehta | |
(cherry picked from commit f7c2e4d1dbc9caa12aff8ab384695844c3c8df7b) | |||
2011-11-04 | Fix Bug 7340 Unable to apply modify firewall to interface when zone policy ↵ | Mohit Mehta | |
exists * change commit check to only check if the interface being applied firewall ruleset is in a zone if only the ruleset type is either name|ipv6-name. Thus, ignoring the check when modify rule-set is being applied to an interface (cherry picked from commit 8b2b85a129d3cf23565efe7b0ee15871ebff15c0) (cherry picked from commit 0d3699267b313a59f3e5500c1cab7f00f43b7712) | |||
2011-11-04 | add "two-stage commit" equivalent to previous fix for bug 5227. | An-Cheng Huang | |
(cherry picked from commit 7a753ec2407d775635adc0df54dac21f59950ecb) | |||
2011-11-04 | modify firewall groups to work with new commit | An-Cheng Huang | |
(cherry picked from commit 22d37f427054b52bd724c17d9656bca6dee7d3c5) | |||
2011-11-04 | * Fix Bug 6915 conntrack-hash-size reverts to default after upgrade | Mohit Mehta | |
add script conntrack-hash-size in check-params-on-reboot.d to fix problem of 'firewall conntrack-hash-size' value being out-of-sync with the underlying value when newly installed image boots for the first time (cherry picked from commit d2a481a204e619b8a47ceed11a87173cc4de892c) | |||
2011-11-04 | more ipset 6.0 change | An-Cheng Huang | |
(cherry picked from commit d271c70b1b42dbeff56c895c4d7902a99150e675) | |||
2011-11-04 | changes for ipset 6.0 | An-Cheng Huang | |
(cherry picked from commit 4148f9d04c01f8f75b1aadaf1b5f297ded264376) | |||
2011-11-04 | Partial fix for bug 6759 serial packages are incorrectly included in virt ISO | Mohit Mehta | |
* make vyatta-cfg-firewall-serial depend on vyatta-serial (cherry picked from commit 791d184b9457b2a73a861e84980461c7b31692c8) | |||
2011-11-04 | Fix Bug 6292 iptables chain-name must be reduced to 28 characters max | Mohit Mehta | |
* change syntax check to limit firewall ruleset names to 28 chars and bump firewall cfg-version to enable config migration (cherry picked from commit a0e5b2107d6073a103e0f0c04cc8656f8dc3816b) (cherry picked from commit 435bf038f32a968424030da43b4a85ec50e02767) | |||
2011-11-04 | Delete conntrack modprobe config file from automake rules. | Daniil Baturin | |
2011-11-04 | Remove conntrack modprobe config file (will be in vyatta-conntrack now). | Daniil Baturin | |
2011-11-01 | Remove remaining conntrack-related templates. | Daniil Baturin | |
2011-09-12 | Update automake rules to match new config version. | Daniil Baturin | |
2011-08-16 | Remove conntrack-related templates from firewall | Daniil Baturin | |
2011-08-16 | Change firewall config version from 3 to 4 | Daniil Baturin | |
2010-12-06 | 0.13.38debian/0.13.38 | Stephen Hemminger | |
2010-12-06 | Fix help text for firewall interface rules | Stephen Hemminger | |
Bug 6111 Don't use "Set inbound" instead use "Inbound" | |||
2010-12-03 | 0.13.37debian/0.13.37 | Stephen Hemminger | |
2010-12-03 | Fix help text in generated templates | Stephen Hemminger | |
Do not use verb (Set) in help text. Do not put date on generated templates (no useful value). | |||
2010-11-29 | 0.13.36debian/0.13.36 | Stig Thormodsrud | |
2010-11-29 | Fix 6442: Request to remove "Error: ipt_disable_conntrack failed to find | Stig Thormodsrud | |
Don't print scary messages when trying to delete something thats not there. | |||
2010-11-29 | 0.13.35debian/0.13.35 | Stig Thormodsrud | |
2010-11-29 | Merge branch 'mendocino' of http://git.vyatta.com/vyatta-cfg-firewall into ↵ | Stig Thormodsrud | |
mendocino | |||
2010-11-29 | Show if logging is enabled on the default action. | Stig Thormodsrud | |
2010-11-24 | 0.13.34debian/0.13.34 | Stephen Hemminger | |
2010-11-24 | Merge branch 'mendocino' of vm:rel/vyatta-cfg-firewall into mendocino | Stephen Hemminger | |
2010-11-24 | Use regex to test for name length rather than wc program | Stephen Hemminger | |
More efficient to use shell pattern match to test for name length. | |||
2010-11-16 | 0.13.33debian/0.13.33 | Michael Larson | |
2010-11-16 | Updated to change in error location api. | Michael Larson | |
2010-11-11 | 0.13.32debian/0.13.32 | Mohit Mehta | |
2010-11-11 | Fix Bug 6421 cannot set content-inspection in the same | Mohit Mehta | |
direction for two or more interfaces * invoke all iptables commands using sudo in the Mgr module. also fixes this bug where chain_referenced was returning wrong value due to permissions issue | |||
2010-10-30 | 0.13.31debian/0.13.31 | Stig Thormodsrud | |
2010-10-30 | Fix 5247: Firewall groups CLI becomes out of sync with ipset when sets and ↵ | Stig Thormodsrud | |
deletes are contained within a single commit | |||
2010-10-19 | 0.13.30debian/0.13.30 | Mohit Mehta | |
2010-10-19 | add local hook setup/tear for filter table similar to in|out hooks | Mohit Mehta | |
2010-10-19 | use single variable to reference firewall IN and OUT hooks | Mohit Mehta | |
2010-10-15 | 0.13.29debian/0.13.29 | Stig Thormodsrud | |
2010-10-15 | Change snort queue target use default queue. | Stig Thormodsrud | |
2010-10-15 | 0.13.28debian/0.13.28 | Stig Thormodsrud | |
2010-10-15 | Fix 6296: "iptables: No chain..." message when committing the firewall group ↵ | Stig Thormodsrud | |
configuration. - redirect stderr | |||
2010-10-15 | 0.13.27debian/0.13.27 | root | |
2010-10-15 | missing paren | root | |
2010-10-15 | 0.13.26debian/0.13.26 | root | |
2010-10-15 | additional errors w/ location of error. | root | |
2010-10-14 | 0.13.25debian/0.13.25 | Stig Thormodsrud | |
2010-10-14 | Add Iptables::Mgr route to get queue target. | Stig Thormodsrud | |