summaryrefslogtreecommitdiff
path: root/templates
AgeCommit message (Collapse)Author
2009-06-15Fix negate of firewall group.Stig Thormodsrud
2009-06-15Firewall groups fail on bootup - change syntax check to commit check.Stig Thormodsrud
2009-06-02Change syntax err msg from default-policy to default-action.Stig Thormodsrud
2009-06-02Change firewall default-policy to default-action.Stig Thormodsrud
2009-06-02* fix syntax error messageMohit Mehta
2009-06-02Make firewall group comp_help more consistent with the rest of the cli.Stig Thormodsrud
2009-06-02* add default value of 1 for 'limit burst' in its node.defMohit Mehta
* add comp_help for 'limit rate' * make sure 'limit rate' is not less than 1/time unit
2009-05-13rectify regex checkMohit Mehta
2009-05-12Fix Bug 4394 reject is an invalid action for rules in modify rulesetsMohit Mehta
* remove reject as an allowed value for action field in modify & ipv6-modify firewall rulesets
2009-05-11Add 'reject' as a configurable value for default-policyMohit Mehta
under name and ipv6-name rulesets
2009-05-05* don't allow user to create a chain that exists in the system. This may beMohit Mehta
either vyatta/user defined chains or system chains such as INPUT, OUTPUT etc. * don't allow user to create chains with name starting from 'VZONE'. This is reserved for zone chains created by us.
2009-05-01* setup table only for specific tree, not both filter and mangleMohit Mehta
as we teardown table only for the tree that was in the CLI * remove 'next' statement for removed for loop * fix Bug 4244 - Committing firewall changes breaks WAN Load-balancing (WLB) we only delete chains that are configured under firewall and don't touch chains that might be owned by other features such as zone based firewall, WLB * remove unused code, code cleanup
2009-04-24Move setup/teardown out from top-level firewall node.Stig Thormodsrud
Add refcnts to know when to teardown.
2009-04-22Fix Bug 4261 - Features missing in various firewall sub-treesMohit Mehta
add 'disable', 'fragment', 'ipsec', and 'recent' under 'firewall modify' tree
2009-04-13Move firewall "end" processing down to each table.Stig Thormodsrud
Fix bug for global enable/disable of conntrack.
2009-04-09Add ability for firename to select default policy.Stig Thormodsrud
2009-04-07Apply interface firewalls to separate VYATTA_(IN|OUT)_HOOK.Stig Thormodsrud
This enforces in firewall to be processed before out firewall.
2009-04-03Bugfix 4261: Add support to configure "limit" for IPv6 modify rulesets.Bob Gilligan
2009-04-03Bugfix 4261: Add support to configure "limit" in IPv6.Bob Gilligan
2009-03-27Revert "Allow user configurable default-policy on firewall."Stig Thormodsrud
Further test identified a problem. The patch is broken if a packet must do both an in & out filter. This reverts commit 754d0f4d855a59020afa20ad8867218708b5c978.
2009-03-27Allow user configurable default-policy on firewall.Stig Thormodsrud
2009-03-26* add 'redirect' to Valid ICMPv6 TypesMohit Mehta
* add comp_help for ICMPv4 type-name
2009-03-06Remove per-interface firewall templates; They are now generated.Bob Gilligan
2009-02-27Prevent ';' from being used in a firewall name.Stig Thormodsrud
2009-02-26Add allow/comp_help to firewall action.Stig Thormodsrud
2009-02-25Use single quote around $VAR(@).Stig Thormodsrud
2009-02-25Revert "Make sure to quote $VAR(@)."Stig Thormodsrud
This reverts commit c5595b67948166f65c8ea2c1ce1890b9aa27fd3d.
2009-02-24Merge branch 'jenner' of http://git.vyatta.com/vyatta-cfg-firewall into jennerStig Thormodsrud
2009-02-24Make sure to quote $VAR(@).Stig Thormodsrud
2009-02-24add ipv6 accept_redirects and accept_source_route under firewallMohit Mehta
2009-02-24Limit firewall name to 29 characters since that is the iptables/ip6tablesStig Thormodsrud
limit.
2009-02-24Fix Bug 4150 enable loose reverse path filteringMohit Mehta
2009-02-23Add "ipv6-modify" firewall configuration sub-tree.Bob Gilligan
2009-02-19Fix Bug 3951 default values for kernel tunable security parameters under ↵Mohit Mehta
firewall
2009-02-19Fix Bug 3951 default values for kernel tunable security parameters under ↵Mohit Mehta
firewall
2009-02-18Multiple updates for IPv6:Bob Gilligan
- Added ICMPv6 config tree - Removed ICMP config tree (it's not used in IPv6) - Removed fragmentation tree (it's not used in IPv6) - Improved parsing for source and destination address parameters - Improved parsing for protocol parameter
2009-02-15Add support for ranges in firewall group address & port.Stig Thormodsrud
2009-02-13Fix Bug 4074 firewall broadcast ping parameter needs to be clarifiedMohit Mehta
make behavior as documented i.e. icmp broadcast pings are ignored unless 'firewall broadcast-ping' is set to 'enable' by user
2009-02-12Add firewall group nodes to firewall modify.Stig Thormodsrud
2009-02-12Merge branch 'jenner' of http://git.vyatta.com/vyatta-cfg-firewall into jennerStig Thormodsrud
2009-02-12Add allow values for firewall groups.Stig Thormodsrud
2009-02-12no need to use loop to echo allowed valuesMohit Mehta
2009-02-12better off storing icmp type-names than depend on iptables helpMohit Mehta
2009-02-10Change sudo usage to be more consistent.Stig Thormodsrud
2009-02-06Add validation of group type.Stig Thormodsrud
2009-02-02Add 1st pass of firewall group support (ipset netfilter moduleStig Thormodsrud
integration).
2009-02-02Bugfix 4052: Support PPPOE over an ethernet VIF.Bob Gilligan
2009-02-02Rever to specific IP version in help text.Bob Gilligan
2009-01-30Fix Bug 2741 ENH: filter based on ICMP Type/code by nameMohit Mehta
2009-01-26Fix Bug 2474 https://bugzilla.vyatta.com/show_bug.cgi?id=2474Mohit Mehta
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 10:30:46 +0000