summaryrefslogtreecommitdiff
path: root/templates/firewall/group/address-group/node.def
AgeCommit message (Collapse)Author
2022-09-19ipset: T2189: optimized firewall groups performancezsdc
This commit optimizes the speed of interaction with the ipset. * removed extra `sudo` from `ipset` commands, because scripts that run `ipset` commands already run under `sudo`. This gives approximately 4x performance improvement. * replaced logic in the `member_exists` function for port groups. Instead of calling `ipset -T` for each port now the whole list is received in one command and a search process is done inside Perl. This significantly improves speed for port groups with long port ranges inside. * delete ip address and port ranges using a single command instead deleting each element individually. * added the same ranges validation for address-group as for port-group.
2018-03-12Task T35 - add support for IPv6 firewall adddress and network groupsMarian Tudosoiu
2013-05-22Enable generation of SNMP traps on firewall config changesJames Davidson
Adds call to vyatta-firewall-trap.pl to end action of firewall nodes.
2011-05-03modify firewall groups to work with new commitnapa-devAn-Cheng Huang
2010-11-24Use regex to test for name length rather than wc programStephen Hemminger
More efficient to use shell pattern match to test for name length.
2010-07-27Convert firewall rules to val_help:Stephen Hemminger
Convert some (but not all) of existing rules using comp_help: to use val_help: (cherry picked from commit 77e13fa992a50cc5721bbad64235bff8f8ecd50d)
2010-07-21undo verb usage at the start of help stringsMohit Mehta
2009-10-21move priority after tag nodes.slioch
2009-10-20add priority to node.def files.slioch
2009-06-15Fix negate of firewall group.Stig Thormodsrud
2009-06-02Make firewall group comp_help more consistent with the rest of the cli.Stig Thormodsrud
2009-02-02Add 1st pass of firewall group support (ipset netfilter moduleStig Thormodsrud
integration).
generated by cgit v1.2.3 (git 2.39.1) at 2025-09-02 04:10:56 +0000