summaryrefslogtreecommitdiff
path: root/scripts
AgeCommit message (Expand)Author
2010-06-10Infrastruction needed for bug 5583.Stig Thormodsrud
2010-05-17Fix Bug 5588 Add ability to modify conntrack expectation table sizeMohit Mehta
2010-04-09Add VYATTA_PRE_DNAT_HOOK in nat PREROUTING table.Stig Thormodsrud
2010-03-18Fix firewall group parent delete while still referenced.Stig Thormodsrud
2010-03-17Fix 5453: can't delete "address" under "firewall group <> address-group <>"Stig Thormodsrud
2010-03-05Fix firewall conntrack teardown.Stig Thormodsrud
2010-02-15Fix 5227: firewall group config can get out of sync with ipsetStig Thormodsrud
2010-02-02Remove old Xorp templateStephen Hemminger
2009-09-22Bugfix 4951: Don't fail if IPv6 kernel module is not loaded.Bob Gilligan
2009-08-07* Fix Bug 3625 Firewall protocol option should have a selection for TCP and UDPMohit Mehta
2009-07-31Another attempt to fix 4760.Stig Thormodsrud
2009-07-31Fix 4683: Firewall Rule number maximum 1024 reachedStig Thormodsrud
2009-06-14Fix 4581: Firewall name issue causes failed commitStig Thormodsrud
2009-06-02Change firewall default-policy to default-action.Stig Thormodsrud
2009-05-27explicitly set conntrack table size to 16384 on system bootMohit Mehta
2009-05-11Add 'reject' as a configurable value for default-policyMohit Mehta
2009-05-08Fix Bug 4388 firewall name shouldn't have been set after commit failedMohit Mehta
2009-05-08Bugfix 4340: Enable net.netfilter.nf_conntrack_tcp_be_liberal by default.Bob Gilligan
2009-05-05* don't allow user to create a chain that exists in the system. This may beMohit Mehta
2009-05-01* setup table only for specific tree, not both filter and mangleMohit Mehta
2009-04-27outlaw applying firewall to an interface that is defined under a zoneMohit Mehta
2009-04-27Disable firewall debuging by default.Stig Thormodsrud
2009-04-24enable/disable conntrack separately for ipv4/ipv6Stig Thormodsrud
2009-04-24Move setup/teardown out from top-level firewall node.Stig Thormodsrud
2009-04-13Add conntrack and post firewall hooks for IPv6.Bob Gilligan
2009-04-13Fix bug where an empty firewall rule deletes the default drop policy.Stig Thormodsrud
2009-04-13Move firewall "end" processing down to each table.Stig Thormodsrud
2009-04-09Add ability for firename to select default policy.Stig Thormodsrud
2009-04-08Fix faulty search loop.Stig Thormodsrud
2009-04-07Apply interface firewalls to separate VYATTA_(IN|OUT)_HOOK.Stig Thormodsrud
2009-03-27Revert "Allow user configurable default-policy on firewall."Stig Thormodsrud
2009-03-27Allow user configurable default-policy on firewall.Stig Thormodsrud
2009-03-12Doing strict ES won't work for routerStephen Hemminger
2009-03-12Don't use -PStephen Hemminger
2009-03-12Enable strict host matchingStephen Hemminger
2009-03-04Don't attempt to delete ruleset from "other" treesBob Gilligan
2009-02-24Allow IPv6 firewall rulesets to be configured on an interface independent of ...Bob Gilligan
2009-02-15Add support for ranges in firewall group address & port.Stig Thormodsrud
2009-02-13Add description and references to "show firewall group".Stig Thormodsrud
2009-02-13Add show-set to display all sets.Stig Thormodsrud
2009-02-13Add support for "show firewall group".Stig Thormodsrud
2009-02-09Add back parameter that was dropped when converting to use run_cmd().Stig Thormodsrud
2009-02-06Add carriage return to error message.Stig Thormodsrud
2009-02-06Add validation of group type.Stig Thormodsrud
2009-02-04Delete commented out code.Stig Thormodsrud
2009-02-03Turn on strict checking and fix warningsStephen Hemminger
2009-02-02Add 1st pass of firewall group support (ipset netfilter moduleStig Thormodsrud
2009-01-29Use iptables comment to identify CLI rule numbers in iptables outputMohit Mehta
2009-01-23Bugfix 4062: Don't reference parameters outside the config tree.Bob Gilligan
2009-01-21Initial support for IPv6.Bob Gilligan
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 03:42:31 +0000