summaryrefslogtreecommitdiff
path: root/templates
AgeCommit message (Collapse)Author
2018-04-20Merge pull request #11 from mtudosoiu/currentDaniil Baturin
Task T35 - enable prune-deleted-sets for inet6 family firewall templates
2018-04-19Task T35 - enable prune-deleted-sets for inet6 family firewall templatesMarian Tudosoiu
2018-03-26Merge pull request #9 from mtudosoiu/currentDaniil Baturin
Task T35 change to solve port-group issue
2018-03-23Task T35 change to solve port-group issueMarian Tudosoiu
2018-03-16Merge pull request #8 from mtudosoiu/currentDaniil Baturin
Task T35 place ipv6 groups under global group config tree
2018-03-14Task T35 place ipv6 groups under group config treeMarian Tudosoiu
2018-03-14Task T35 place ipv6 groups under group config treemtudosoiu
2018-03-14Task T35 place ipv6 groups under group config treemtudosoiu
2018-03-14Task T35 place ipv6 groups under group config treemtudosoiu
2018-03-14Task T35 place ipv6 groups under group config treemtudosoiu
2018-03-14Task T35 place ipv6 groups under group config treemtudosoiu
2018-03-14Task T35 change to place ipv6 address-groups and network groups under group ↵Marian Tudosoiu
config tree
2018-03-12Merge pull request #7 from mtudosoiu/currentDaniil Baturin
Task T35 - add support for IPv6 firewall adddress and network groups
2018-03-12Task T35 add generation of SNMP traps on firewall config changesMarian Tudosoiu
2018-03-12Task T35 - add support for IPv6 firewall adddress and network groupsMarian Tudosoiu
2018-03-02Show uncommited groups and table in policy route rules completion (fixes T572).Daniil Baturin
2015-12-12vyatta-cfg-firewall: update network-group check to allow "this" networkAlex Harpin
Update the check for network-groups to allow zero net addresses as they are accepted by the current version of ipset used in VyOS, rejecting only the 0.0.0.0/0 address. This allows the "this" network (0.0.0.0/8) to be used in network-groups. Bug #628 http://bugzilla.vyos.net/show_bug.cgi?id=628
2015-11-28vyatta-cfg-firewall: drop executable permissions on node.defsAlex Harpin
Drop the executable permissions present on a number of node.defs to remove lintian warnings.
2015-10-24vyatta-cfg-firewall: temporarily disable p2p option in firewall configAlex Harpin
Both the userspace library and the associated kernel module for the iptables ipp2p match target are currently missing and so this configuration returns an error when used. Disabling this option temporarily until the above issue has been resolved. Bug #602 http://bugzilla.vyos.net/show_bug.cgi?id=602
2015-05-03Bug #406: display uncommited firewall group names in completion.Daniil Baturin
2014-08-02Bug #115: disallow reserved firewall names in CLI validation.Daniil Baturin
2014-08-01Bug #45: add port range validation to firewall templates.Daniil Baturin
2014-07-31Bug #108: add an option to enable RFC1337 TCP TIME-WAIT hazards protectionDaniil Baturin
2014-04-27Bug #144: change priorities so route policy is after firewall groupsDaniil Baturin
so it's possible to use firewall groups in it. Fix suggested by Cesar Fazan.
2013-05-22Enable generation of SNMP traps on firewall config changesJames Davidson
Adds call to vyatta-firewall-trap.pl to end action of firewall nodes.
2013-05-15Add config node for firewall config change trapJames Davidson
2012-10-06Merge branch 'pacifica' of git.vyatta.com:/git/vyatta-cfg-firewall into pacificasusheela
2012-10-06PBR: config command validations, help strings etc. cleaned up andsusheela
includes fixes for 8355, 8362, 8365.
2012-10-04Bug 8200: Changed gred to not display shim6Bharat
2012-09-13Bug 8348: policy route <> rule <> action, 'modify' shouldn't be allowedRobert Bays
2012-09-05reserve upper table numbers for future useRobert Bays
2012-09-05add support for main tableRobert Bays
2012-09-03changes to policy tables to add acceptRobert Bays
updates to dscp node.def for better help text
2012-09-03Table should be between 1-250, not 1-249.Robert Bays
2012-09-03Add val_help for table numbersRobert Bays
2012-09-03lower priority on policy route node so it is run before interfacesRobert Bays
2012-09-03initial checkin for pbr functionalityRobert Bays
2012-08-29fix 8200, don't allow shim6 in allowed list of ipv4 protocols for firewallGaurav Sinha
2012-06-03Remove sudo from port-group syntax check callJohn Southworth
2012-06-02Make firewall syntax checks use the vyatta-util libraryJohn Southworth
2012-02-24Bug Fix for 7751, 7753, 7757Mohit Mehta
Add commit checks for 'state-policy' sub-tree
2012-01-06Fix help string of state-policy for related connectionsMohit Mehta
2011-12-02Warn users when stateful rules are set with state-policy configuredMohit Mehta
2011-12-01Bug 6063 ENH: Provide option(s) to globally allow stateful return trafficMohit Mehta
* add code to set global policy for established, related, invalid states
2011-11-08Remove conntrack-related code from firewall top level templateDaniil Baturin
(it was moved to vyatta-conntrack).
2011-11-05Remove remaining conntrack-related templates.Daniil Baturin
2011-11-05Remove conntrack-related templates from firewallDaniil Baturin
2011-05-03modify firewall groups to work with new commitnapa-devAn-Cheng Huang
2011-01-10Fix Bug 6292 iptables chain-name must be reduced to 28 characters maxMohit Mehta
* change syntax check to limit firewall ruleset names to 28 chars and bump firewall cfg-version to enable config migration (cherry picked from commit a0e5b2107d6073a103e0f0c04cc8656f8dc3816b)
2010-11-24Merge branch 'mendocino' of vm:rel/vyatta-cfg-firewall into mendocinoStephen Hemminger
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-28 15:26:54 +0000