Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-05-22 | Add script to generate traps | James Davidson | |
When a firewall configuration change is made, and trap can be generated to track who changed the configuration and what the configuration change was. | |||
2012-09-03 | initial checkin for pbr functionality | Robert Bays | |
2012-06-08 | Bugfix 8042: increase number of firewall groups to a reasonable number | John Southworth | |
2011-12-01 | Bug 6063 ENH: Provide option(s) to globally allow stateful return traffic | Mohit Mehta | |
* add code to set global policy for established, related, invalid states | |||
2011-11-15 | Move check-params-on-reboot script for conntrack hash size to | Daniil Baturin | |
vyatta-conntrack, update automake rules and debian controls accordingly. | |||
2011-11-05 | Fix automake rules to reflect version change and removal of conntrack ↵ | Daniil Baturin | |
modprobe config. | |||
2011-11-03 | fix duplicate definiton in Makefile | Stephen Hemminger | |
Causes warning in Debian testing | |||
2011-04-18 | * Fix Bug 6915 conntrack-hash-size reverts to default after upgrade | Mohit Mehta | |
add script conntrack-hash-size in check-params-on-reboot.d to fix problem of 'firewall conntrack-hash-size' value being out-of-sync with the underlying value when newly installed image boots for the first time | |||
2011-01-10 | Fix Bug 6292 iptables chain-name must be reduced to 28 characters max | Mohit Mehta | |
* change syntax check to limit firewall ruleset names to 28 chars and bump firewall cfg-version to enable config migration (cherry picked from commit a0e5b2107d6073a103e0f0c04cc8656f8dc3816b) | |||
2010-09-13 | Fix Bug 6149 Warning on boot because of modprobe config file names | Mohit Mehta | |
* add .conf suffix to files in /etc/modprobe.d * remove old files without the suffix [from a previous release] during upgrade | |||
2010-07-15 | Fix bug 4629 configuration limit of recent count firewall rule is 20 | Mohit Mehta | |
* raise recent count limit to 255. add syntax check to disallow invalid values | |||
2010-06-10 | Infrastruction needed for bug 5583. | Stig Thormodsrud | |
2010-05-17 | Fix Bug 5588 Add ability to modify conntrack expectation table size | Mohit Mehta | |
* added 'firewall conntrack-expect-table-size' to modify expect table's size * added 'firewall conntrack-hash-size' to set hash size for conntrack table | |||
2009-02-24 | Allow IPv6 firewall rulesets to be configured on an interface independent of ↵ | Bob Gilligan | |
IPv4. Replaced the hand-coded config templates under each type of interface with script-generated templates. This should be easier to maintain as we add new types of interfaces. Added sub-trees for "modify", "ipv6-name" and "ipv6-modify" under "in", "out" and "local" for all interfaces. Added command-completion for ruleset names being configured on an interface. | |||
2009-02-02 | Add 1st pass of firewall group support (ipset netfilter module | Stig Thormodsrud | |
integration). | |||
2008-11-24 | Convert to Vyatta::Config | Stephen Hemminger | |
Also move AddressFilter here because install is too stupid to handle directory hierarchy for perl. | |||
2008-11-21 | Rename VyattaIpTablesRule to Vyatta::IpTables::Rule | Stephen Hemminger | |
2008-06-18 | increment firewall config syntax version for hollywood. | An-Cheng Huang | |
2008-02-11 | move common module to vyatta-cfg | An-Cheng Huang | |
2008-01-14 | add config version filedebian/0.1 | An-Cheng Huang | |
2007-12-14 | Move vyatta-show-firewall.pl over to vyatta-op-firewall package. | Bob Gilligan | |
2007-12-10 | Update vyatta-cfg-firewall package. | Bob Gilligan | |
2007-12-10 | Initial setup of vyatta-cfg-firewall package. | Bob Gilligan | |