| Commit message (Expand) | Author | Age | Files | Lines |
* | firewall: relocate TCPMSS rules into mangle table, add code to selectively cl... | Jo-Philipp Wich | 2011-10-29 | 1 | -1/+1 |
* | firewall: do not produce 0.0.0.0/0 if a symbolic masq_src or masq_dest is giv... | Jo-Philipp Wich | 2011-10-27 | 1 | -1/+1 |
* | firewall: prevent ip6tables -t nat rules (#10265) | Jo-Philipp Wich | 2011-10-23 | 1 | -1/+1 |
* | firewall: fix another instance of unquoted "*" | Jo-Philipp Wich | 2011-10-22 | 1 | -1/+1 |
* | firewall: fix possible expansion of "*" when rules with "option src *" are pr... | Jo-Philipp Wich | 2011-10-22 | 1 | -1/+1 |
* | firewall: do not check for module availability, let iptables fail if a featur... | Jo-Philipp Wich | 2011-10-22 | 1 | -1/+1 |
* | firewall: make ESTABLISHED,RELATED rules match before INVALID, use conntrack ... | Jo-Philipp Wich | 2011-09-01 | 1 | -1/+1 |
* | firewall: further tune ICMPv6 default rules according to RFC4890 (#9893) | Jo-Philipp Wich | 2011-08-14 | 1 | -1/+1 |
* | firewall: prevent redundant rules if multiple ports and multiple icmp types a... | Jo-Philipp Wich | 2011-07-26 | 1 | -1/+1 |
* | firewall: fix serious bug in state var handling (#9746) | Jo-Philipp Wich | 2011-07-20 | 1 | -1/+1 |
* | firewall: rework state variable handling, use uci_toggle_state() where applic... | Jo-Philipp Wich | 2011-07-15 | 1 | -1/+1 |
* | firewall: make sure that -m mac is used with --mac-source, follow up to r27508 | Jo-Philipp Wich | 2011-07-07 | 1 | -1/+1 |
* | firewall: - solve scoping issues when multiple values are used, thanks Daniel... | Jo-Philipp Wich | 2011-07-06 | 1 | -1/+1 |
* | firewall: properly handle negated ports in nat reflection | Jo-Philipp Wich | 2011-07-01 | 1 | -1/+1 |
* | firewall: - allow multiple ports, protocols, macs, icmp types per rule - impl... | Jo-Philipp Wich | 2011-06-30 | 1 | -1/+1 |
* | firewall: allow symbolic names of interfaces and aliases in masq_src and masq... | Jo-Philipp Wich | 2011-06-16 | 1 | -1/+1 |
* | firewall: prevent excessive uci state data aggregation (#9152) | Jo-Philipp Wich | 2011-04-20 | 1 | -1/+1 |
* | firewall: prevent duplicate values in interface state vars | Jo-Philipp Wich | 2011-03-30 | 1 | -1/+1 |
* | Keep firewall.user during sysupgrades | Travis Kemen | 2011-03-20 | 1 | -0/+2 |
* | firewall: move include sourcing into a subshell, this makes the firewall init... | Jo-Philipp Wich | 2011-03-02 | 1 | -1/+1 |
* | firewall: fix rule generation for v4 or v6 only zones (#8955) | Jo-Philipp Wich | 2011-03-01 | 1 | -2/+2 |
* | firewall: fix wrong rule order if multiple protocols are used | Jo-Philipp Wich | 2011-01-27 | 1 | -1/+1 |
* | firewall: insert SNAT and DNAT rules according to the order of the configurat... | Jo-Philipp Wich | 2010-10-08 | 1 | -1/+1 |
* | firewall: mark /etc/firewall.user as conffile | Jo-Philipp Wich | 2010-10-05 | 1 | -0/+1 |
* | firewall: also establish forward rules when setting up nat reflection, back o... | Jo-Philipp Wich | 2010-10-03 | 1 | -1/+1 |
* | add maintainer information | Jo-Philipp Wich | 2010-09-30 | 1 | -0/+1 |
* | fireall: - support negations for src_ip, dest_ip, src_dip options in rules an... | Jo-Philipp Wich | 2010-09-28 | 1 | -1/+1 |
* | firewall: protect iptables invocations with locks in interface ops, it might ... | Jo-Philipp Wich | 2010-09-19 | 1 | -1/+1 |
* | firewall: make invalid redirects and duplicate zones non-fatal, print a notic... | Jo-Philipp Wich | 2010-09-16 | 1 | -1/+1 |
* | firewall: run ifdown hotplug events synchronized, fixes a racecondition on "i... | Jo-Philipp Wich | 2010-09-15 | 1 | -1/+1 |
* | firewall: deliver remove hotplug events for all active zones/networks when re... | Jo-Philipp Wich | 2010-09-14 | 1 | -1/+1 |
* | firewall: - simplify masquerade rule setup - remove various subshell invocati... | Jo-Philipp Wich | 2010-09-11 | 1 | -1/+1 |
* | firewall: introduce SNAT support for redirect sections | Jo-Philipp Wich | 2010-09-05 | 1 | -1/+1 |
* | firewall: clean up description (#7875) | Jo-Philipp Wich | 2010-09-04 | 1 | -1/+1 |
* | firewall: - handle NAT reflection in firewall hotplug, solves synchronizing i... | Jo-Philipp Wich | 2010-09-04 | 1 | -2/+3 |
* | firewall: - fix processing of rules with an ip family option - append interfa... | Jo-Philipp Wich | 2010-08-31 | 1 | -1/+1 |
* | firewall: add basic NAT reflection/NAT loopback support | Jo-Philipp Wich | 2010-07-31 | 1 | -1/+2 |
* | firewall: allow redirecting only destination port (#7197) | Jo-Philipp Wich | 2010-07-16 | 1 | -1/+1 |
* | firewall: - notrack support was broken in multiple ways, fix it - also consid... | Jo-Philipp Wich | 2010-07-15 | 1 | -1/+1 |
* | firewall: Initial alias interface support. This allows to define zones coveri... | Jo-Philipp Wich | 2010-06-01 | 1 | -1/+1 |
* | firewall: fix support for netranges in redirect and rule sections | Jo-Philipp Wich | 2010-05-30 | 1 | -1/+1 |
* | firewall: - fix ip6tables rules when icmp_type option is set - add "family" o... | Jo-Philipp Wich | 2010-05-19 | 1 | -1/+1 |
* | firewall (#7355) - partially revert r21486, start firewall on init again - sk... | Jo-Philipp Wich | 2010-05-19 | 1 | -1/+1 |
* | firewall: - defer firewall start until the first interface is brought up by h... | Jo-Philipp Wich | 2010-05-17 | 1 | -1/+1 |
* | firewall: - replace uci firewall with a modular dual stack implementation dev... | Jo-Philipp Wich | 2010-05-01 | 1 | -5/+7 |
* | firewall: fix a race condition preventing interfaces from being added to the ... | Jo-Philipp Wich | 2010-01-19 | 1 | -1/+1 |
* | adjust dependencies of firewall and qos-scripts, so that these packages are v... | Felix Fietkau | 2009-12-09 | 1 | -1/+1 |
* | firewall: initialize dest_port with src_dport if omitted in redirect sections... | Jo-Philipp Wich | 2009-12-01 | 1 | -1/+1 |
* | firewall: fix MSS issue affection RELATED new connections (closes: #5173) | Nicolas Thill | 2009-09-27 | 1 | -1/+1 |
* | firewall: properly dispatch delif events if the network has a different name ... | Jo-Philipp Wich | 2009-09-14 | 1 | -1/+1 |