| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2012-09-03 | lower priority on policy route node so it is run before interfaces | Robert Bays | |
| 2012-09-03 | initial checkin for pbr functionality | Robert Bays | |
| 2012-08-29 | fix 8200, don't allow shim6 in allowed list of ipv4 protocols for firewall | Gaurav Sinha | |
| 2012-06-03 | Remove sudo from port-group syntax check call | John Southworth | |
| 2012-06-02 | Make firewall syntax checks use the vyatta-util library | John Southworth | |
| 2012-02-24 | Bug Fix for 7751, 7753, 7757 | Mohit Mehta | |
| Add commit checks for 'state-policy' sub-tree | |||
| 2012-01-06 | Fix help string of state-policy for related connections | Mohit Mehta | |
| 2011-12-02 | Warn users when stateful rules are set with state-policy configured | Mohit Mehta | |
| 2011-12-01 | Bug 6063 ENH: Provide option(s) to globally allow stateful return traffic | Mohit Mehta | |
| * add code to set global policy for established, related, invalid states | |||
| 2011-11-08 | Remove conntrack-related code from firewall top level template | Daniil Baturin | |
| (it was moved to vyatta-conntrack). | |||
| 2011-11-05 | Remove remaining conntrack-related templates. | Daniil Baturin | |
| 2011-11-05 | Remove conntrack-related templates from firewall | Daniil Baturin | |
| 2011-05-03 | modify firewall groups to work with new commitnapa-dev | An-Cheng Huang | |
| 2011-01-10 | Fix Bug 6292 iptables chain-name must be reduced to 28 characters max | Mohit Mehta | |
| * change syntax check to limit firewall ruleset names to 28 chars and bump firewall cfg-version to enable config migration (cherry picked from commit a0e5b2107d6073a103e0f0c04cc8656f8dc3816b) | |||
| 2010-11-24 | Merge branch 'mendocino' of vm:rel/vyatta-cfg-firewall into mendocino | Stephen Hemminger | |
| 2010-11-24 | Use regex to test for name length rather than wc program | Stephen Hemminger | |
| More efficient to use shell pattern match to test for name length. | |||
| 2010-10-30 | Fix 5247: Firewall groups CLI becomes out of sync with ipset when sets and ↵ | Stig Thormodsrud | |
| deletes are contained within a single commit | |||
| 2010-09-13 | Fix bug 6149 Warning on boot because of modprobe config file names | Mohit Mehta | |
| * rename existing files instead of removing em. rename sip option file as well | |||
| 2010-09-13 | Fix Bug 6149 Warning on boot because of modprobe config file names | Mohit Mehta | |
| * add .conf suffix to files in /etc/modprobe.d * remove old files without the suffix [from a previous release] during upgrade | |||
| 2010-09-10 | Fix Bug 5309 Allow modifyining TCP MSS option | Mohit Mehta | |
| * add the ability to modify TCP MSS value using modify|ipv6-modify rulesets | |||
| 2010-08-17 | remove low-level config dir usage | An-Cheng Huang | |
| 2010-08-17 | update help text to use val_help | An-Cheng Huang | |
| 2010-08-17 | Fix 5917: FW: Max characters exceeded for ipset rule when using "set firewall | Stig Thormodsrud | |
| group address-group" command - handle special case where temp group begins with a '-'. (cherry picked from commit fa22559d3baa7ae5443f14e0ff774c4d6a49cc36) | |||
| 2010-08-17 | fix bug 6055 firewall rule help strings are confusing | Mohit Mehta | |
| * add val_help for firewall rule nodes (cherry picked from commit 0a1eb7471e1ec478b2eb22200ab5fc42eaba1e8e) | |||
| 2010-08-17 | fix range in help strings for count parameter under recent | Mohit Mehta | |
| (cherry picked from commit 3210dfe5d41f926840fd9ee6981a9fa89534cfd7) | |||
| 2010-08-11 | remove CLI backend env variables usage | An-Cheng Huang | |
| * use the new cli-shell-api instead. | |||
| 2010-07-27 | Fix 5917: FW: Max characters exceeded for ipset rule when using "set ↵ | Stig Thormodsrud | |
| firewall group address-group" command (cherry picked from commit 37638769fdaf40c5882eef3614e02f0aadbb1bba) | |||
| 2010-07-27 | Convert firewall rules to val_help: | Stephen Hemminger | |
| Convert some (but not all) of existing rules using comp_help: to use val_help: (cherry picked from commit 77e13fa992a50cc5721bbad64235bff8f8ecd50d) | |||
| 2010-07-21 | undo verb usage at the start of help strings | Mohit Mehta | |
| 2010-07-15 | Fix bug 4629 configuration limit of recent count firewall rule is 20 | Mohit Mehta | |
| * raise recent count limit to 255. add syntax check to disallow invalid values | |||
| 2010-06-11 | Add support for firewall enable-default-log. | Stig Thormodsrud | |
| 2010-05-31 | Bugfix 5632: Add ability to configure SIP UDP port numbers. | Bob Gilligan | |
| 2010-05-20 | need to restart conntrackd when conntrack table size changes | Mohit Mehta | |
| 2010-05-17 | Fix Bug 5588 Add ability to modify conntrack expectation table size | Mohit Mehta | |
| * added 'firewall conntrack-expect-table-size' to modify expect table's size * added 'firewall conntrack-hash-size' to set hash size for conntrack table | |||
| 2010-03-18 | Fix firewall group parent delete while still referenced. | Stig Thormodsrud | |
| 2010-02-15 | Fix 5227: firewall group config can get out of sync with ipset | Stig Thormodsrud | |
| 2010-01-04 | Add same restrictions to ipv6-firewall name | Stephen Hemminger | |
| See Bug 4156 fix. | |||
| 2010-01-04 | Don't allow spaces or other shell-confusing characters in firewall name | Stephen Hemminger | |
| Don't allow space, verticalbar, semicolon, ampersand, dollar sign, less or greater than in rule name. This is because of lack of quoting in perl processing Bug 4156 | |||
| 2009-11-30 | added required keyword to help text. | Michael Larson | |
| 2009-10-21 | move priority after tag nodes. | slioch | |
| 2009-10-20 | add priority to node.def files. | slioch | |
| 2009-10-02 | Change syntax exec to syntax pattern. | Stig Thormodsrud | |
| 2009-09-22 | Bugfix 4951: Don't fail if IPv6 kernel module is not loaded. | Bob Gilligan | |
| Handle the case where the IPv6 kernel module is not loaded more gracefully. | |||
| 2009-08-31 | fix for bug 4794 SIP Helper/ALG module does not translate RTP traffic... | rbays | |
| added new configuration parameters: firewall conntrack-options sip enable-indirect-media firewall conntrack-options sip enable-indirect-signalling (cherry picked from commit 8d73836b37bae1cb8e8211bc483bf55c51241542) | |||
| 2009-08-07 | * Fix Bug 3625 Firewall protocol option should have a selection for TCP and UDP | Mohit Mehta | |
| added tcp_udp as a valid protocol value to match both tcp and udp in 1 rule | |||
| 2009-07-31 | Fix 4683: Firewall Rule number maximum 1024 reached | Stig Thormodsrud | |
| (cherry picked from commit 90fb731c3a846e9a951c6fd1c5f73082e2bcf93a) | |||
| 2009-06-15 | Fix negate of firewall group. | Stig Thormodsrud | |
| 2009-06-15 | Firewall groups fail on bootup - change syntax check to commit check. | Stig Thormodsrud | |
| 2009-06-02 | Change syntax err msg from default-policy to default-action. | Stig Thormodsrud | |
| 2009-06-02 | Change firewall default-policy to default-action. | Stig Thormodsrud | |
 |
index : vyatta-cfg-firewall.git | |
| Configuration templates and scripts for the firewall subsystem. (mirror of https://github.com/vyos/vyatta-cfg-firewall.git) |
| summaryrefslogtreecommitdiff |