summaryrefslogtreecommitdiff
path: root/templates/firewall/name
AgeCommit message (Collapse)Author
2013-05-22Enable generation of SNMP traps on firewall config changesJames Davidson
Adds call to vyatta-firewall-trap.pl to end action of firewall nodes.
2012-10-06PBR: config command validations, help strings etc. cleaned up andsusheela
includes fixes for 8355, 8362, 8365.
2012-09-03initial checkin for pbr functionalityRobert Bays
2012-08-29fix 8200, don't allow shim6 in allowed list of ipv4 protocols for firewallGaurav Sinha
2012-06-02Make firewall syntax checks use the vyatta-util libraryJohn Southworth
2011-12-02Warn users when stateful rules are set with state-policy configuredMohit Mehta
2011-12-01Bug 6063 ENH: Provide option(s) to globally allow stateful return trafficMohit Mehta
* add code to set global policy for established, related, invalid states
2011-05-03modify firewall groups to work with new commitnapa-devAn-Cheng Huang
2011-01-10Fix Bug 6292 iptables chain-name must be reduced to 28 characters maxMohit Mehta
* change syntax check to limit firewall ruleset names to 28 chars and bump firewall cfg-version to enable config migration (cherry picked from commit a0e5b2107d6073a103e0f0c04cc8656f8dc3816b)
2010-08-17remove low-level config dir usageAn-Cheng Huang
2010-08-17update help text to use val_helpAn-Cheng Huang
2010-08-17fix bug 6055 firewall rule help strings are confusingMohit Mehta
* add val_help for firewall rule nodes (cherry picked from commit 0a1eb7471e1ec478b2eb22200ab5fc42eaba1e8e)
2010-08-17fix range in help strings for count parameter under recentMohit Mehta
(cherry picked from commit 3210dfe5d41f926840fd9ee6981a9fa89534cfd7)
2010-07-27Convert firewall rules to val_help:Stephen Hemminger
Convert some (but not all) of existing rules using comp_help: to use val_help: (cherry picked from commit 77e13fa992a50cc5721bbad64235bff8f8ecd50d)
2010-07-21undo verb usage at the start of help stringsMohit Mehta
2010-07-15Fix bug 4629 configuration limit of recent count firewall rule is 20Mohit Mehta
* raise recent count limit to 255. add syntax check to disallow invalid values
2010-06-11Add support for firewall enable-default-log.Stig Thormodsrud
2010-01-04Don't allow spaces or other shell-confusing characters in firewall nameStephen Hemminger
Don't allow space, verticalbar, semicolon, ampersand, dollar sign, less or greater than in rule name. This is because of lack of quoting in perl processing Bug 4156
2009-11-30added required keyword to help text.Michael Larson
2009-10-21move priority after tag nodes.slioch
2009-10-20add priority to node.def files.slioch
2009-10-02Change syntax exec to syntax pattern.Stig Thormodsrud
2009-08-07* Fix Bug 3625 Firewall protocol option should have a selection for TCP and UDPMohit Mehta
added tcp_udp as a valid protocol value to match both tcp and udp in 1 rule
2009-07-31Fix 4683: Firewall Rule number maximum 1024 reachedStig Thormodsrud
(cherry picked from commit 90fb731c3a846e9a951c6fd1c5f73082e2bcf93a)
2009-06-15Firewall groups fail on bootup - change syntax check to commit check.Stig Thormodsrud
2009-06-02Change syntax err msg from default-policy to default-action.Stig Thormodsrud
2009-06-02Change firewall default-policy to default-action.Stig Thormodsrud
2009-06-02* fix syntax error messageMohit Mehta
2009-06-02* add default value of 1 for 'limit burst' in its node.defMohit Mehta
* add comp_help for 'limit rate' * make sure 'limit rate' is not less than 1/time unit
2009-05-13rectify regex checkMohit Mehta
2009-05-11Add 'reject' as a configurable value for default-policyMohit Mehta
under name and ipv6-name rulesets
2009-05-05* don't allow user to create a chain that exists in the system. This may beMohit Mehta
either vyatta/user defined chains or system chains such as INPUT, OUTPUT etc. * don't allow user to create chains with name starting from 'VZONE'. This is reserved for zone chains created by us.
2009-05-01* setup table only for specific tree, not both filter and mangleMohit Mehta
as we teardown table only for the tree that was in the CLI * remove 'next' statement for removed for loop * fix Bug 4244 - Committing firewall changes breaks WAN Load-balancing (WLB) we only delete chains that are configured under firewall and don't touch chains that might be owned by other features such as zone based firewall, WLB * remove unused code, code cleanup
2009-04-24Move setup/teardown out from top-level firewall node.Stig Thormodsrud
Add refcnts to know when to teardown.
2009-04-13Move firewall "end" processing down to each table.Stig Thormodsrud
Fix bug for global enable/disable of conntrack.
2009-04-09Add ability for firename to select default policy.Stig Thormodsrud
2009-03-27Revert "Allow user configurable default-policy on firewall."Stig Thormodsrud
Further test identified a problem. The patch is broken if a packet must do both an in & out filter. This reverts commit 754d0f4d855a59020afa20ad8867218708b5c978.
2009-03-27Allow user configurable default-policy on firewall.Stig Thormodsrud
2009-03-26* add 'redirect' to Valid ICMPv6 TypesMohit Mehta
* add comp_help for ICMPv4 type-name
2009-02-27Prevent ';' from being used in a firewall name.Stig Thormodsrud
2009-02-26Add allow/comp_help to firewall action.Stig Thormodsrud
2009-02-25Use single quote around $VAR(@).Stig Thormodsrud
2009-02-25Revert "Make sure to quote $VAR(@)."Stig Thormodsrud
This reverts commit c5595b67948166f65c8ea2c1ce1890b9aa27fd3d.
2009-02-24Make sure to quote $VAR(@).Stig Thormodsrud
2009-02-24Limit firewall name to 29 characters since that is the iptables/ip6tablesStig Thormodsrud
limit.
2009-02-23Add "ipv6-modify" firewall configuration sub-tree.Bob Gilligan
2009-02-12Merge branch 'jenner' of http://git.vyatta.com/vyatta-cfg-firewall into jennerStig Thormodsrud
2009-02-12Add allow values for firewall groups.Stig Thormodsrud
2009-02-12no need to use loop to echo allowed valuesMohit Mehta
2009-02-12better off storing icmp type-names than depend on iptables helpMohit Mehta
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 03:56:14 +0000