Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-01-21 | firewall: T2199: Verify correct ICMP protocol for ipv4/ipv6 | sarthurdev | |
2022-01-21 | firewall: T4186: ICMP/v6 migrations | sarthurdev | |
2022-01-21 | firewall: T4130: Use correct table to check for state policy rule | sarthurdev | |
2022-01-20 | firewall: T2199: Add log prefix to match legacy perl behaviour | sarthurdev | |
Example syslog: [FWNAME-default-D] ... * Also clean-up firewall default-action | |||
2022-01-19 | Merge pull request #1177 from sarthurdev/mac_groups | Christian Poessinger | |
firewall: T3560: Add support for MAC address groups | |||
2022-01-19 | Merge pull request #1176 from sarthurdev/firewall | Christian Poessinger | |
firewall: T1292: T2199: Cleanup rules used by chain to be deleted, check if chain in use by zone-policy | |||
2022-01-19 | Merge pull request #1179 from fett0/T4195 | Christian Poessinger | |
OSPF : T4195: ability to set maximum paths for OSPF | |||
2022-01-19 | OSPF : T4195: ability to set maximum paths for OSPF | fett0 | |
2022-01-18 | firewall: T2199: Raise ConfigError if deleted node is used in zone-policy | sarthurdev | |
2022-01-18 | firewall: policy: T1292: Clean up any rules required to delete a chain | sarthurdev | |
2022-01-18 | firewall: T3560: Add support for MAC address groups | sarthurdev | |
2022-01-18 | Merge pull request #1178 from sarthurdev/firewall_T4188 | Christian Poessinger | |
firewall: T4188: Create default conntrack `FW_CONNTRACK` chain | |||
2022-01-18 | firewall: T4188: Create default conntrack `FW_CONNTRACK` chain | sarthurdev | |
This chain was missing from the XML/Python rewrite thus all traffic fell through to the `notrack` rule. | |||
2022-01-17 | bgp: T3741: bugfix migrator - exit() was called without saving | Christian Poessinger | |
2022-01-17 | Merge pull request #1174 from sarthurdev/firewall | Christian Poessinger | |
firewall: T4178: T3873: tcp flags syntax refactor, intra-zone-filtering fix | |||
2022-01-17 | firewall: T2199: Fix `port-range` validator to accept service names | sarthurdev | |
2022-01-17 | zone-policy: T3873: Fix intra-zone-filtering return to zone default-action | sarthurdev | |
2022-01-17 | firewall: policy: T4178: Migrate and refactor tcp flags | sarthurdev | |
* Add support for ECN and CWR flags | |||
2022-01-16 | Revert "migrator: interfaces: T4171: bugfix ConfigTreeError" | Christian Poessinger | |
This reverts commit 29efbf51efea559773f61703f11a77a8aee6de36. | |||
2022-01-16 | Revert "migrator: interfaces: T4171: bugfix ConfigTreeError" | Christian Poessinger | |
This reverts commit 391ce22b76190309f81e048ebffab778b0fdee1d. | |||
2022-01-16 | dns-forwarding: T1595: remove unnecessary nesting in migration script 1 -> 2 | Christian Poessinger | |
2022-01-16 | bgp: T3741: remove unnecessary exit() in migration script 1 -> 2 | Christian Poessinger | |
2022-01-15 | smoketest: ntp: T4184: check for "restrict default ignore" presencex | Christian Poessinger | |
2022-01-15 | smoketest: ntp: re-organize testcases | Christian Poessinger | |
Drop the overcomplex function get_config_value() to search for NTPd configuration values. Rather assemble the required string and probe for its presence in the configuration like we do on most other smoketests. | |||
2022-01-15 | Merge pull request #1171 from sever-sever/T4184 | Christian Poessinger | |
ntp: T4184: Fix allow-clients address | |||
2022-01-15 | ntp: T4184: Fix allow-clients address | Viacheslav | |
NTP-server with option "allow-clients address x.x.x.x" should accept requests only from clients addresses which declared in configuration if this option exists Add "restrict default ignore" to fix it, in another case it responce to any address | |||
2022-01-15 | Merge pull request #1169 from sever-sever/T4183 | Christian Poessinger | |
wireguard: T4183: Allow to set peer IPv6 link-local address | |||
2022-01-14 | wireguard: T4183: Allow to set peer IPv6 link-local address | Viacheslav | |
2022-01-14 | Merge pull request #1164 from sever-sever/T4179 | Christian Poessinger | |
op-mode: T4179: Add op-mode CLI show virtual-server | |||
2022-01-14 | Merge pull request #1167 from sarthurdev/firewall | Christian Poessinger | |
firewall: T4178: Use lowercase for TCP flags and add an validator | |||
2022-01-14 | firewall: T4178: Use lowercase for TCP flags and add an validator | sarthurdev | |
2022-01-13 | Merge pull request #1166 from sever-sever/T4182 | Christian Poessinger | |
vrrp: T4182: Check if VRRP configured in op mode | |||
2022-01-13 | op-mode: T4179: Add op-mode CLI show virtual-server | Viacheslav | |
2022-01-13 | vrrp: T4182: Check if VRRP configured in op mode | Viacheslav | |
There is a situation when service keepalived is active but there a no any "vrrp" configuration. In that case "show vrrp" hangs up because it expect data from keepalived daemon which can't get Check if "vrrp" exists in configuration and only then check if pid is active | |||
2022-01-13 | Merge pull request #1168 from fett0/T4181 | Christian Poessinger | |
Firewall: T4181: Set correct description for ipv6-network-group | |||
2022-01-13 | Firewall: T4181: Set correct description for ipv6-network-group | fett0 | |
2022-01-13 | Merge pull request #1163 from sever-sever/T4177 | Christian Poessinger | |
strip-private: T4177: Fix for hiding private data token/url/bucket | |||
2022-01-13 | strip-private: T4177: Fix for hiding private data token/url/bucket | Viacheslav | |
Add URL, token and bucket hidind data when is used function "strip-private" | |||
2022-01-13 | Merge pull request #1162 from sever-sever/T3872 | Christian Poessinger | |
monitoring: T3872: Add just required interfaces for ethtool telegraf template | |||
2022-01-13 | monitoring: T3872: Add just required interfaces for ethtool | Viacheslav | |
Telegraf ethtool input filter expected ethX interfaces and not other interfaces like vlans/tunnels/dummy Add "interface_include" option to telegraf template. | |||
2022-01-13 | monitoring: T3872: Rewrite input filter custom_script | Viacheslav | |
Rewrite and improve the custom input filter telegraf script "show_interfaces_input_filter.py" to more readable and clear format Fix bug when it failed with configured tunnel "tunX" interfaces | |||
2022-01-12 | Merge pull request #1161 from sarthurdev/firewall | Christian Poessinger | |
firewall: T4160: Fix support for inverse matches | |||
2022-01-12 | firewall: T4160: Fix support for inverse matches | sarthurdev | |
2022-01-11 | migrator: interfaces: T4171: bugfix ConfigTreeError | Christian Poessinger | |
2022-01-11 | Merge pull request #1160 from bjw-s/T4174 | Christian Poessinger | |
firewall: validators: T4174: Correct upper port range boundary | |||
2022-01-11 | Merge pull request #1159 from sarthurdev/firewall | Christian Poessinger | |
policy: T2199: Update op-mode syntax to `route6` | |||
2022-01-11 | firewall: validators: T4174: Correct upper port range boundary | Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs | |
2022-01-11 | policy: T2199: Update op-mode syntax to `route6` | sarthurdev | |
2022-01-11 | Merge pull request #1157 from nicolas-fort/T4162 | Christian Poessinger | |
vpn: T4162: Correct helper description for ikev2-reauth | |||
2022-01-11 | Merge pull request #1158 from sarthurdev/firewall | Christian Poessinger | |
firewall: policy: T4131: T4144: T4159: T4164: Fix reported firewall issues, policy-route refactor |