summaryrefslogtreecommitdiff
path: root/Makefile.am
AgeCommit message (Collapse)Author
2013-05-22Add script to generate trapsJames Davidson
When a firewall configuration change is made, and trap can be generated to track who changed the configuration and what the configuration change was.
2012-09-03initial checkin for pbr functionalityRobert Bays
2012-06-08Bugfix 8042: increase number of firewall groups to a reasonable numberJohn Southworth
2011-12-01Bug 6063 ENH: Provide option(s) to globally allow stateful return trafficMohit Mehta
* add code to set global policy for established, related, invalid states
2011-11-15Move check-params-on-reboot script for conntrack hash size toDaniil Baturin
vyatta-conntrack, update automake rules and debian controls accordingly.
2011-11-05Fix automake rules to reflect version change and removal of conntrack ↵Daniil Baturin
modprobe config.
2011-11-03fix duplicate definiton in MakefileStephen Hemminger
Causes warning in Debian testing
2011-04-18* Fix Bug 6915 conntrack-hash-size reverts to default after upgradeMohit Mehta
add script conntrack-hash-size in check-params-on-reboot.d to fix problem of 'firewall conntrack-hash-size' value being out-of-sync with the underlying value when newly installed image boots for the first time
2011-01-10Fix Bug 6292 iptables chain-name must be reduced to 28 characters maxMohit Mehta
* change syntax check to limit firewall ruleset names to 28 chars and bump firewall cfg-version to enable config migration (cherry picked from commit a0e5b2107d6073a103e0f0c04cc8656f8dc3816b)
2010-09-13Fix Bug 6149 Warning on boot because of modprobe config file namesMohit Mehta
* add .conf suffix to files in /etc/modprobe.d * remove old files without the suffix [from a previous release] during upgrade
2010-07-15Fix bug 4629 configuration limit of recent count firewall rule is 20Mohit Mehta
* raise recent count limit to 255. add syntax check to disallow invalid values
2010-06-10Infrastruction needed for bug 5583.Stig Thormodsrud
2010-05-17Fix Bug 5588 Add ability to modify conntrack expectation table sizeMohit Mehta
* added 'firewall conntrack-expect-table-size' to modify expect table's size * added 'firewall conntrack-hash-size' to set hash size for conntrack table
2009-02-24Allow IPv6 firewall rulesets to be configured on an interface independent of ↵Bob Gilligan
IPv4. Replaced the hand-coded config templates under each type of interface with script-generated templates. This should be easier to maintain as we add new types of interfaces. Added sub-trees for "modify", "ipv6-name" and "ipv6-modify" under "in", "out" and "local" for all interfaces. Added command-completion for ruleset names being configured on an interface.
2009-02-02Add 1st pass of firewall group support (ipset netfilter moduleStig Thormodsrud
integration).
2008-11-24Convert to Vyatta::ConfigStephen Hemminger
Also move AddressFilter here because install is too stupid to handle directory hierarchy for perl.
2008-11-21Rename VyattaIpTablesRule to Vyatta::IpTables::RuleStephen Hemminger
2008-06-18increment firewall config syntax version for hollywood.An-Cheng Huang
2008-02-11move common module to vyatta-cfgAn-Cheng Huang
2008-01-14add config version filedebian/0.1An-Cheng Huang
2007-12-14Move vyatta-show-firewall.pl over to vyatta-op-firewall package.Bob Gilligan
2007-12-10Update vyatta-cfg-firewall package.Bob Gilligan
2007-12-10Initial setup of vyatta-cfg-firewall package.Bob Gilligan