Age | Commit message (Collapse) | Author | |
---|---|---|---|
2009-02-28 | Fix 3422: fw logging fails if logprefix is too long (> 29 characters) | Stig Thormodsrud | |
2009-02-27 | Limit address range to a /24, but make easy to change if it's deam too ↵ | Stig Thormodsrud | |
restrictive. | |||
2009-02-18 | Multiple updates for IPv6: | Bob Gilligan | |
- Added ICMPv6 config tree - Removed ICMP config tree (it's not used in IPv6) - Removed fragmentation tree (it's not used in IPv6) - Improved parsing for source and destination address parameters - Improved parsing for protocol parameter | |||
2009-02-16 | - Add check for address range starting with higher address. | Stig Thormodsrud | |
- Add natural-order sort for displaying address/network groups. | |||
2009-02-15 | Reduce duplicate code. | Stig Thormodsrud | |
2009-02-15 | Change delete_member_range to use the same subnet prefix. | Stig Thormodsrud | |
2009-02-15 | Add support for ranges in firewall group address & port. | Stig Thormodsrud | |
2009-02-13 | Add description and references to "show firewall group". | Stig Thormodsrud | |
2009-02-13 | Cache exists() to reduce calls to external /usr/sbin/ipset. | Stig Thormodsrud | |
2009-02-13 | Add support for "show firewall group". | Stig Thormodsrud | |
2009-02-12 | Add check for combining network-group and address-group. | Stig Thormodsrud | |
2009-02-11 | Add check for combination of IP range and network-group. | Stig Thormodsrud | |
2009-02-10 | Change sudo usage to be more consistent. | Stig Thormodsrud | |
2009-02-10 | Clean up mapping between vyatta firewall group_type vs ipset set_type. | Stig Thormodsrud | |
2009-02-10 | Add space in front of match rule just in case other match rules don't. | Stig Thormodsrud | |
2009-02-10 | Add more validation of firewall network-group before calling ipset. | Stig Thormodsrud | |
2009-02-10 | Add more firewall group validation before calling ipset. | Stig Thormodsrud | |
2009-02-06 | Add validation of group type. | Stig Thormodsrud | |
2009-02-05 | display appropriate anywhere address depending on IPv4 or IPv6 | Mohit Mehta | |
protocol should be displayed as all when no protocol set | |||
2009-02-04 | Reduce duplicate code in setup/setupOrig. | Stig Thormodsrud | |
2009-02-03 | Add validation that group and non-groups can't be used in the same src/dst rule. | Stig Thormodsrud | |
2009-02-03 | Reduce duplicate code in setup/setupOrig. | Stig Thormodsrud | |
2009-02-03 | Reduce duplicate code. | Stig Thormodsrud | |
2009-02-03 | Fix perlcritic warnings | Stephen Hemminger | |
Should not explicitly return undef | |||
2009-02-03 | Enable strict checking | Stephen Hemminger | |
Enable strict perl checking. | |||
2009-02-03 | Remove prototype | Stephen Hemminger | |
Perl prototypes are broken and should never be used (see Perl Best Practices). | |||
2009-02-03 | Fix call to returnValue that should be returnOrigValue. | Stig Thormodsrud | |
2009-02-02 | Add 1st pass of firewall group support (ipset netfilter module | Stig Thormodsrud | |
integration). | |||
2009-01-30 | Fix Bug 2741 ENH: filter based on ICMP Type/code by name | Mohit Mehta | |
2009-01-29 | Use iptables comment to identify CLI rule numbers in iptables output | Mohit Mehta | |
2009-01-26 | Add support for IPv6 address ranges. | Bob Gilligan | |
2009-01-26 | Fix Bug 2474 https://bugzilla.vyatta.com/show_bug.cgi?id=2474 | Mohit Mehta | |
2009-01-23 | Bugfix 4062: Don't reference parameters outside the config tree. | Bob Gilligan | |
The AddressFilter module was reaching up the config tree to find a config parameter that was used to determine whether the address type was IPv4 or IPv6. This breaks when the functions are called from some locations in the config tree. I added explicity function calls to allow the caller to to set the IP version, obviating the need to reference a config parameter to determin the IP version. | |||
2009-01-21 | Merge branch 'jenner' of http://git.vyatta.com/vyatta-cfg-firewall into jenner | Bob Gilligan | |
2009-01-21 | Initial support for IPv6. | Bob Gilligan | |
2009-01-16 | - Fix Bug 2223 Add rate rate limiting / burst limiting functions to the ↵ | Mohit Mehta | |
Vyatta firewall - Fix help strings for time-based firewall nodes | |||
2009-01-14 | Fix Bug 3653 Add the ability to configure time-based firewall rules | Mohit Mehta | |
- make available the option to use time with startdate and stopdate | |||
2009-01-13 | Fix Bug 3653 Add the ability to configure time-based firewall rules | Mohit Mehta | |
2008-12-22 | Fix 2563: Add firewall-rule specific disable configuration parameter. | Stig Thormodsrud | |
2008-12-09 | Warning are now enabled - don't reference undefined values. | Stig Thormodsrud | |
2008-12-08 | Convert to use Vyatta:: | Stig Thormodsrud | |
2008-12-03 | add ipp2p config options | An-Cheng Huang | |
2008-11-25 | Fix reference to Vyatta::Misc | Stephen Hemminger | |
Add reference line to pick up getPortRuleString. | |||
2008-11-24 | Convert VyattaConfig to Vyatta::Config | Stephen Hemminger | |
2008-11-24 | Convert to Vyatta::Config | Stephen Hemminger | |
Also move AddressFilter here because install is too stupid to handle directory hierarchy for perl. | |||
2008-11-21 | Rename VyattaIpTablesRule to Vyatta::IpTables::Rule | Stephen Hemminger | |