vyos-1x.git/interface-definitions/include/firewall, branch current VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) https://git.amelek.net/vyos/vyos-1x.git/atom?h=current 2025-06-17T15:16:51+00:00 firewall: T6951: Add a configuration command for ethertypes that bridge firewalls should always accept 2025-06-17T15:16:51+00:00 Nataliia Solomko natalirs1985@gmail.com 2025-06-13T09:20:40+00:00 urn:sha1:8dbc3c5e67cc1fd043a78dd3446a1a733ebd814f T7523: firewall: Accepting invalid traffic for pppoe discovery and wol 2025-06-05T04:25:21+00:00 opswill will@nixops.org 2025-06-05T04:04:10+00:00 urn:sha1:bfdba4079b0a76a8c578277adae3f36add832b41 T7512: firewall: Modify accepting invalid traffic for VLAN aware bridge 2025-06-02T04:52:08+00:00 Indrajit Raychaudhuri irc@indrajit.com 2025-06-02T04:32:13+00:00 urn:sha1:b47adae7a3e963bfca3b775f4b84d5121907c76d Allow accepting invalid packets for ethernet types `8021q` and `8021ad` in addition to ARP and UDP types so that stateful bridge firewall works for VLAN-aware bridges in addition to regular bridges. xml: T7467: remove ^/$ wrapping from validation regexes 2025-05-20T12:54:06+00:00 Daniil Baturin daniil@baturin.org 2025-05-20T12:54:06+00:00 urn:sha1:de7af067e8a62471437d97c96de2078cdbe22b0a since the validation utility adds them implicitly T7386: firewall: allow mix of IPv4 and IPv6 addresses/prefixes/ranges in remote groups 2025-05-07T14:55:00+00:00 Mark Hayes mark.hayes0338@gmail.com 2025-04-25T15:10:07+00:00 urn:sha1:02c63e7ded23ea90d55638f768ff943671c2c574 firewall: T7358: add offload option to global state policy 2025-04-16T18:49:44+00:00 l0crian1 ryan.claridge13@gmail.com 2025-04-16T16:31:34+00:00 urn:sha1:382c6fc6ffe76d7ce418018f69902572701215a3 Since the jump to the global state chain is inserted before all rules, it wasn't possible to use offload with the global state policies This commit adds a new chain for offloaded traffic in the forward chain and jumps to that chain. Please enter the commit message for your changes. Lines starting firewall: T5493: Implement remote-group 2025-03-21T20:08:50+00:00 Alex W embezzle.dev@proton.me 2025-01-30T20:22:41+00:00 urn:sha1:9e2bdc96ea63e7ee1adb002df17e0d9ecc1cd410 T6918: Fix punctuation 2024-12-17T03:03:53+00:00 opswill will@nixops.org 2024-12-17T03:03:53+00:00 urn:sha1:833d5866b69dc346d8127845f32ebdcf9b647e59 Co-authored-by: Daniil Baturin <daniil@baturin.org> T6918: Accept invalid PPPoE Session in stateful bridge firewall. 2024-12-13T07:50:06+00:00 opswill root@opswill.com 2024-12-13T03:25:01+00:00 urn:sha1:c94dabede31447f3d1eaded08b448f944087539d xml: T6430: add re-usable vrf CLI node for firewall and pbr 2024-10-07T15:17:42+00:00 Christian Breunig christian@breunig.cc 2024-10-07T15:13:14+00:00 urn:sha1:9c291d115d987cc635d1ef56898119c7d2bdfee6