aboutsummaryrefslogtreecommitdiffstats
path: root/package/firewall
Commit message (Collapse)AuthorAgeFilesLines
* fix typo in the uci firewall scriptFlorian Fainelli2009-05-261-1/+1
| | | | SVN-Revision: 16076
* firewall: automatically set up NOTRACK rules to disable connection tracking ↵Felix Fietkau2009-05-141-13/+43
| | | | | | for zones that have no masquerading, no conntrack and no forwarding from/to other zones with masq/conntrack SVN-Revision: 15855
* firewall: actually copy firewall.user to imageJo-Philipp Wich2009-04-191-0/+2
| | | | SVN-Revision: 15286
* firewall: process custom rules after forwardings and redirects, this ↵Jo-Philipp Wich2009-04-192-3/+3
| | | | | | actually allows blocking traffic to certain hosts and other rules SVN-Revision: 15278
* firewall: enable /etc/firewall.user by default and install sample ↵Jo-Philipp Wich2009-04-123-5/+9
| | | | | | firewall.user file SVN-Revision: 15221
* re-enable the mss fix by default for now - see discussion at ↵Felix Fietkau2009-01-311-5/+1
| | | | | | http://lists.openwrt.org/pipermail/openwrt-devel/2009-January/003724.html for more information SVN-Revision: 14293
* firewall: don't clear the mangle table at startup or stop - it doesn't use ↵Felix Fietkau2009-01-201-4/+0
| | | | | | it and clearing it breaks qos SVN-Revision: 14114
* firewall: introduce drop_invalid option to allow disabling the invalid state ↵Jo-Philipp Wich2009-01-161-7/+10
| | | | | | match SVN-Revision: 14061
* firewall: allow multiple interfaces to be part of one zone, fix the sanity ↵Felix Fietkau2009-01-162-39/+52
| | | | | | checks for that SVN-Revision: 14058
* firewall: clear the MSSFIX rulesFelix Fietkau2009-01-021-0/+1
| | | | SVN-Revision: 13826
* Unify portrange-support in firewall rule generator fixes #4404Steven Barth2009-01-011-0/+10
| | | | SVN-Revision: 13791
* disable the MSS fixup hack by default (most ISPs don't require this as a ↵Felix Fietkau2008-12-312-1/+9
| | | | | | workaround for MTU problems, only some do). this should give a nice speedup for routing on standard-compliant ISPs SVN-Revision: 13788
* fixes firewall for trunk, custom chains were never reched, as policies apply ↵John Crispin2008-10-141-3/+3
| | | | | | beforehand SVN-Revision: 12978
* fixes firewall rule generation. forwarding rules were inserted in input ↵John Crispin2008-09-281-3/+6
| | | | | | chains, fixes #4028 SVN-Revision: 12768
* custom chains were never reached on DROP/REJECT policy, fixes #4004 #4029John Crispin2008-09-281-3/+3
| | | | SVN-Revision: 12767
* set default input policy to ACCEPT to bring the firewall behavior closer to ↵Felix Fietkau2008-09-281-1/+1
| | | | | | the one of previous versions SVN-Revision: 12766
* firewall: fix default policies, add a check for duplicate defaults sections ↵Felix Fietkau2008-09-281-18/+34
| | | | | | and make custom chains more generic SVN-Revision: 12765
* firewall changes: - implement a REJECT policy and enable it by default, ↵Nicolas Thill2008-09-242-33/+57
| | | | | | reject packets with approriate response (closes: #3970) - cleanup syn_flood and remove logging SVN-Revision: 12688
* make the whole iptables/netfiter modular (closes: #3871, #3527)Nicolas Thill2008-09-221-1/+1
| | | | SVN-Revision: 12649
* Fixed a typo in the firewall scriptsSteven Barth2008-09-161-1/+1
| | | | SVN-Revision: 12616
* Fixed a typo in firewall scripts, closes #4000Steven Barth2008-09-151-1/+1
| | | | SVN-Revision: 12613
* make uci firewall backwards compatible to the old firewall.userJohn Crispin2008-08-271-2/+9
| | | | SVN-Revision: 12408
* add proto tcpudp to firewallJohn Crispin2008-08-271-38/+51
| | | | SVN-Revision: 12407
* fix device duplication in firewall if the balancing of ifup and ifdown is brokenJohn Crispin2008-08-271-2/+9
| | | | SVN-Revision: 12404
* make sure uci firewall reverts its states when stoppedJohn Crispin2008-08-271-0/+1
| | | | SVN-Revision: 12403
* fixes uci firewall init order, Signed-off-by: Roberto RiggioJohn Crispin2008-08-271-2/+2
| | | | SVN-Revision: 12402
* firewall: Added support for port-ranges as firstPort-lastPort to redirect ↵Steven Barth2008-08-271-0/+17
| | | | | | sections SVN-Revision: 12396
* adds 5 new chains to the uci firewall that can be used to hook custom rulesJohn Crispin2008-08-271-1/+16
| | | | SVN-Revision: 12395
* adds more sanity checks to uci firewallJohn Crispin2008-08-261-0/+4
| | | | SVN-Revision: 12392
* use proto instead of protocol in uci firewallJohn Crispin2008-08-262-6/+6
| | | | SVN-Revision: 12391
* fix some firewall script typos (patch from #3897)Felix Fietkau2008-08-171-2/+3
| | | | SVN-Revision: 12332
* fix typo, proto should be protocolTravis Kemen2008-08-161-1/+1
| | | | SVN-Revision: 12318
* trigger error if dport is used when no proto is definedJohn Crispin2008-08-151-0/+4
| | | | SVN-Revision: 12317
* fixes firewall makefile descriptionJohn Crispin2008-08-111-1/+1
| | | | SVN-Revision: 12285
* uci firewall - make uci firewall default and remove old code - fix up ↵John Crispin2008-08-1110-314/+5
| | | | | | dependencies SVN-Revision: 12284
* uci_firewall - fixes hotplug.d scriptJohn Crispin2008-08-111-1/+1
| | | | SVN-Revision: 12282
* uci firewall - remove implicit creation of zones, based on network interfacesJohn Crispin2008-08-112-9/+1
| | | | SVN-Revision: 12281
* adds a new uci firewall - iptbales and netfilter packages need to be ↵John Crispin2008-08-0410-0/+782
rewrapped when we switch to this firewall as default - there are some examples in the file /etc/config/firewall - iptables-save/restore are still missing - hotplug takes care of adding/removing netdevs during runtime - misisng features ? wishes ? let me know ... SVN-Revision: 12089
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 20:56:08 +0000