index
:
vyatta-cfg-firewall.git
bug6860
crux
current
daisy
equuleus
glendale
helium
hollister
hollywood
hydrogen
hydrogen-test
islavista
jenner
kenwood
larkspur
lithium
master
mendocino
napa
napa-dev
oxnard
oxnard-nat-enhancements
pacifica
pbr
upstream
Configuration templates and scripts for the firewall subsystem. (mirror of https://github.com/vyos/vyatta-cfg-firewall.git)
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
scripts
Age
Commit message (
Expand
)
Author
2012-04-30
service names with hyphen need to be escaped using square brackets.
Gaurav Sinha
2012-04-16
fixing 7998
Gaurav Sinha
2012-03-23
include CT_TIMEOUT chain for conntrack timeouts.
Gaurav
2012-02-29
7047:use DEFLT instead of default
Gaurav
2012-02-29
fixing 7047
Gaurav
2011-12-27
Create VRRP output filter to filter IGMP from vmac interfaces
John Southworth
2011-12-12
Setup filter for VRRP vmac interfaces
John Southworth
2011-12-01
Bug 6063 ENH: Provide option(s) to globally allow stateful return traffic
Mohit Mehta
2011-11-15
Move check-params-on-reboot script for conntrack hash size to
Daniil Baturin
2011-08-29
Fix Bug 7477 firewall group negation doesn't work in vc6.3
Stig
2011-07-15
Fix Bug 7340 Unable to apply modify firewall to interface when zone policy ex...
Mohit Mehta
2011-05-20
add "two-stage commit" equivalent to previous fix for bug 5227.
An-Cheng Huang
2011-05-03
modify firewall groups to work with new commit
napa-dev
An-Cheng Huang
2011-04-18
* Fix Bug 6915 conntrack-hash-size reverts to default after upgrade
Mohit Mehta
2011-03-07
more ipset 6.0 change
An-Cheng Huang
2010-11-16
Updated to change in error location api.
Michael Larson
2010-10-30
Fix 5247: Firewall groups CLI becomes out of sync with ipset when sets and de...
Stig Thormodsrud
2010-10-19
add local hook setup/tear for filter table similar to in|out hooks
Mohit Mehta
2010-10-19
use single variable to reference firewall IN and OUT hooks
Mohit Mehta
2010-10-15
missing paren
root
2010-10-15
additional errors w/ location of error.
root
2010-10-11
Use Sys::Syslog to avoid calling logger excessively
Stephen Hemminger
2010-10-01
move chain_referenced function to Mgr.pm module
Mohit Mehta
2010-09-21
* move count_iptables_rule to Iptables::Mgr and update it's usage
Mohit Mehta
2010-09-21
* separate out post fw hooks for IN, FWD, OUT. Use count_iptables_rule from lib
Mohit Mehta
2010-08-31
Fix 6125: iptables errors on boot up of mendocino
Stig Thormodsrud
2010-06-12
Dont tear down conntrack if the other table is using it.
Stig Thormodsrud
2010-06-12
Dont create FW_CONNTRACK if it already exists.
Stig Thormodsrud
2010-06-11
Add support for firewall enable-default-log.
Stig Thormodsrud
2010-06-10
Infrastruction needed for bug 5583.
Stig Thormodsrud
2010-05-17
Fix Bug 5588 Add ability to modify conntrack expectation table size
Mohit Mehta
2010-04-09
Add VYATTA_PRE_DNAT_HOOK in nat PREROUTING table.
Stig Thormodsrud
2010-03-18
Fix firewall group parent delete while still referenced.
Stig Thormodsrud
2010-03-17
Fix 5453: can't delete "address" under "firewall group <> address-group <>"
Stig Thormodsrud
2010-03-05
Fix firewall conntrack teardown.
Stig Thormodsrud
2010-02-15
Fix 5227: firewall group config can get out of sync with ipset
Stig Thormodsrud
2010-02-02
Remove old Xorp template
Stephen Hemminger
2009-09-22
Bugfix 4951: Don't fail if IPv6 kernel module is not loaded.
Bob Gilligan
2009-08-07
* Fix Bug 3625 Firewall protocol option should have a selection for TCP and UDP
Mohit Mehta
2009-07-31
Another attempt to fix 4760.
Stig Thormodsrud
2009-07-31
Fix 4683: Firewall Rule number maximum 1024 reached
Stig Thormodsrud
2009-06-14
Fix 4581: Firewall name issue causes failed commit
Stig Thormodsrud
2009-06-02
Change firewall default-policy to default-action.
Stig Thormodsrud
2009-05-27
explicitly set conntrack table size to 16384 on system boot
Mohit Mehta
2009-05-11
Add 'reject' as a configurable value for default-policy
Mohit Mehta
2009-05-08
Fix Bug 4388 firewall name shouldn't have been set after commit failed
Mohit Mehta
2009-05-08
Bugfix 4340: Enable net.netfilter.nf_conntrack_tcp_be_liberal by default.
Bob Gilligan
2009-05-05
* don't allow user to create a chain that exists in the system. This may be
Mohit Mehta
2009-05-01
* setup table only for specific tree, not both filter and mangle
Mohit Mehta
2009-04-27
outlaw applying firewall to an interface that is defined under a zone
Mohit Mehta
[next]