aboutsummaryrefslogtreecommitdiffstats
path: root/package/firewall/files
Commit message (Expand)AuthorAgeFilesLines
* firewall: make ESTABLISHED,RELATED rules match before INVALID, use conntrack ...Jo-Philipp Wich2011-09-011-8/+8
* firewall: further tune ICMPv6 default rules according to RFC4890 (#9893)Jo-Philipp Wich2011-08-142-1/+17
* firewall: prevent redundant rules if multiple ports and multiple icmp types a...Jo-Philipp Wich2011-07-261-7/+16
* firewall: fix serious bug in state var handling (#9746)Jo-Philipp Wich2011-07-201-2/+2
* firewall: rework state variable handling, use uci_toggle_state() where applic...Jo-Philipp Wich2011-07-151-17/+24
* firewall: make sure that -m mac is used with --mac-source, follow up to r27508Jo-Philipp Wich2011-07-071-1/+1
* firewall: also correct another variable missed in previous commitDaniel Dickinson2011-07-071-1/+1
* firewall: fix wrong variable names for protocol command line parameter - were...Daniel Dickinson2011-07-071-2/+2
* firewall: - solve scoping issues when multiple values are used, thanks Daniel...Jo-Philipp Wich2011-07-063-29/+25
* firewall: fix udp rules for tcpudp proto rules using src_port and dest_port a...Daniel Dickinson2011-07-061-0/+7
* firewall: fix port range quirk in previous commitJo-Philipp Wich2011-07-011-2/+2
* firewall: properly handle negated ports in nat reflectionJo-Philipp Wich2011-07-011-4/+12
* firewall: refine default ICMPv6 rules to better conform with RFC4890, do not ...Jo-Philipp Wich2011-06-301-13/+2
* firewall: restore local port relocation ability from r26617Jo-Philipp Wich2011-06-301-3/+3
* firewall: - allow multiple ports, protocols, macs, icmp types per rule - impl...Jo-Philipp Wich2011-06-305-73/+219
* firewall: ensure that fw_get_subnet4() sets an empty value if no (valid) IPv4...Jo-Philipp Wich2011-06-161-0/+1
* firewall: allow symbolic names of interfaces and aliases in masq_src and masq...Jo-Philipp Wich2011-06-162-2/+27
* firewall: explictely mention network in default configuration, makes it less ...Jo-Philipp Wich2011-05-201-0/+2
* firewall: revert accidential committed changes from r26805Jo-Philipp Wich2011-05-021-39/+11
* firewall: provide examples of ssh port relocation on firewall and IPsec passt...Jo-Philipp Wich2011-05-022-11/+61
* firewall: prevent excessive uci state data aggregation (#9152)Jo-Philipp Wich2011-04-201-0/+2
* firewall: allow local redirection of portsJo-Philipp Wich2011-04-121-3/+2
* firewall: prevent duplicate values in interface state varsJo-Philipp Wich2011-03-301-1/+4
* Keep firewall.user during sysupgradesTravis Kemen2011-03-201-0/+1
* firewall: move include sourcing into a subshell, this makes the firewall init...Jo-Philipp Wich2011-03-021-2/+4
* firewall: fix rule generation for v4 or v6 only zones (#8955)Jo-Philipp Wich2011-03-011-0/+3
* firewall: fix wrong rule order if multiple protocols are usedJo-Philipp Wich2011-01-271-3/+3
* firewall: insert SNAT and DNAT rules according to the order of the configurat...Jo-Philipp Wich2010-10-082-2/+5
* firewall: also establish forward rules when setting up nat reflection, back o...Jo-Philipp Wich2010-10-031-6/+15
* firewall: fix chain selection logic, option dest must be ignored for notrack ...Jo-Philipp Wich2010-09-281-6/+5
* firewall: don't setup nat reflection if negations are usedJo-Philipp Wich2010-09-281-0/+3
* fireall: - support negations for src_ip, dest_ip, src_dip options in rules an...Jo-Philipp Wich2010-09-284-27/+41
* firewall: protect iptables invocations with locks in interface ops, it might ...Jo-Philipp Wich2010-09-191-0/+4
* firewall: make invalid redirects and duplicate zones non-fatal, print a notic...Jo-Philipp Wich2010-09-163-9/+11
* firewall: run ifdown hotplug events synchronized, fixes a racecondition on "i...Jo-Philipp Wich2010-09-152-9/+7
* firewall: deliver remove hotplug events for all active zones/networks when re...Jo-Philipp Wich2010-09-142-2/+41
* firewall: - simplify masquerade rule setup - remove various subshell invocati...Jo-Philipp Wich2010-09-116-93/+113
* firewall: - fix possible endless loop when the family option is used for forw...Jo-Philipp Wich2010-09-052-4/+6
* firewall: introduce SNAT support for redirect sectionsJo-Philipp Wich2010-09-052-3/+18
* firewall: add option to disable NAT reflectionJo-Philipp Wich2010-09-041-0/+4
* firewall: - handle NAT reflection in firewall hotplug, solves synchronizing i...Jo-Philipp Wich2010-09-043-6/+30
* firewall: - fix processing of rules with an ip family option - append interfa...Jo-Philipp Wich2010-08-313-41/+62
* firwall: fix nat reflection for zones covering multiple networksJo-Philipp Wich2010-07-311-34/+56
* firewall: add basic NAT reflection/NAT loopback supportJo-Philipp Wich2010-07-311-0/+79
* firewall: allow redirecting only destination port (#7197)Jo-Philipp Wich2010-07-161-2/+3
* firewall: fix another notrack related bugJo-Philipp Wich2010-07-151-1/+1
* firewall: - notrack support was broken in multiple ways, fix it - also consid...Jo-Philipp Wich2010-07-154-8/+10
* firewall: - support alias ifnames different from parent ifname - properly han...Jo-Philipp Wich2010-06-021-10/+23
* firewall: Initial alias interface support. This allows to define zones coveri...Jo-Philipp Wich2010-06-012-28/+85
* firewall: change the order of IPv4/IPv6 address detection, fixes mixed notati...Jo-Philipp Wich2010-05-312-2/+2