aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/config/firewall3/Makefile
Commit message (Collapse)AuthorAgeFilesLines
* firewall3: rename to firewall, move into base system menu, update to git ↵Jo-Philipp Wich2013-06-041-66/+0
| | | | | | head with compatibility fixes for AA git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36838 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git head (#13641)Jo-Philipp Wich2013-06-041-2/+2
| | | | | | * Fixes wrong chain used for zone forward policy git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36830 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-06-031-2/+2
| | | | | | - Fixes problems with reusing matches or targets from loadable extensions git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36826 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-05-271-8/+9
| | | | | | | | | - allows building without IPv6 support - uses more robust rules to cope with missing libext.a - uses better linking strategy to avoid symbol clashes with older iptables - introduces source compatiblity layer for different libxtables versions git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36736 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-05-261-2/+2
| | | | | | | | | - allows symbolic notation for src_ip, src_dip and dest_ip options, e.g. option src_ip 'lan' to automatically resolve to "192.168.1.0/24" - automatically infer destination zone for redirects from target ip, this makes 'dest' optional and nat reflection setup more robust - properly support output rules with dest '*' to hook directly into delegate_output - fixes crash when processing rules with unresolved targets git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36721 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-05-241-3/+3
| | | | | | - fixes linking issues with some toolchains git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36703 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-05-231-2/+2
| | | | | | | - Use weak references for instantiating libext*.a matches, makes fw3 independant from the compile time features of iptables - Do not leak memory when processing rules with unknown targets or matches git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36698 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: Remove abandonend includeSteven Barth2013-05-231-1/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36692 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-05-221-2/+2
| | | | | | | - fix build on Linux < 3.7 - limit zone names to 14 bytes git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36691 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-05-221-2/+2
| | | | | | | | - fixes reload when firewall is not running already - fixes crash when ipsets are supported but undeclared - fixes handling of per zone user chains on reload git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36689 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-05-211-2/+2
| | | | | | | - fixes segfault in flush command if ipset support is not available - fixes internal rule generation if custom chains are enabled git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36686 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: move libext*.a copying to compile phaseJo-Philipp Wich2013-05-211-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36684 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-05-211-3/+14
| | | | | | | * use libiptc and libxtables directly to manage ruleset, iptables-restore is unreliable and prone to race conditions * make ipset integration more reliable git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36681 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: Remove obsoleted ULA-borderSteven Barth2013-05-131-3/+1
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36624 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-05-021-2/+2
| | | | | | | - assume "tcp+udp" if no protcol is specified in rules or redirects (#13422, #13386) - add support for fwmark matches and mark setting targets git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36521 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: Make IPv6 ULA-Border generation dynamicSteven Barth2013-04-241-1/+3
| | | | | | This fixes working behind another router which gives out ULAs. git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36416 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-03-221-2/+2
| | | | | | | * fixes parsing of src/dest '*' * fixes parsing of proto 'all' git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36111 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-03-211-2/+2
| | | | | | * fixes port remapping rules (#13217) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36100 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-03-191-2/+2
| | | | | | * fixes reload handling of zones and ipsets that are still running but already deleted from the config git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36092 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-03-191-2/+2
| | | | | | | - support network names in per-zone 'masq_src', 'masq_dest' and 'subnet' options (#13197) - do not allow src_mac option for SNAT rules git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36090 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-03-141-2/+2
| | | | | | | * Introduce "option reload" for includes to specify whether includes should be processed on reload (e.g. when tapping into internal chains) * Allow "network" and "device" commands while firewall is running (to make them usable in includes) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@36009 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-03-131-2/+2
| | | | | | | | | | * Adds support for emitting hotplug events when creating and clearing zones (fixes miniupnpd) * Make NAT reflection direction configurable * Map init script stop action to flush * Map init script reload action to reload * Respect init script disabled state in hotplug handler git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35998 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-03-111-2/+2
| | | | | | | | | | * Fixes compilation against eglibc * Fixes tracking logic when selectively restarting IPv4 or IPv6 firewall * Fixes tracking logic for user chains by differentiating between reloads and restarts * Introduces per-zone user chains {input,output,forwarding,prerouting,postrouting}_$zone_rule * Supports legacy "tcpudp" protocol notation again git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35969 3c298f89-4303-0410-b956-a3cf2f4a3e73
* Revert "firewall3: update to git head"Jo-Philipp Wich2013-03-081-2/+2
| | | | | | This reverts commit 89969fa333c90fdb217b7289272f3427add107de. git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35904 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-03-081-2/+2
| | | | | | | - introduce per-zone user chains - support legacy "tcpudp" protocol notation git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35903 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: add default config and firewall.userJo-Philipp Wich2013-03-051-0/+9
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35889 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git head, introduces support for "enabled" optionJo-Philipp Wich2013-03-021-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35845 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: clear contnrack table on flush, set policies to drop during rule ↵Jo-Philipp Wich2013-02-271-2/+2
| | | | | | reload git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35820 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: add support for shell script and iptables-restore style includesJo-Philipp Wich2013-02-221-2/+2
| | | | git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35744 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3: update to git headJo-Philipp Wich2013-02-211-2/+2
| | | | | | | | | - all uci rules are boxed in custom chains now, so a firewall stop leaves user rules intact - properly handle selective ipv4 or ipv6 only firewall start/stop/restart actions - support ip ranges (e.g. option src_ip '!192.168.1.1-192.168.1.100' -> -m iprange ! --src-range 192.168.1.1-192.168.1.100') - support time options (e.g. option weekdays 'Mon Tue Sat' -> -m time --weekdays 1,2,6') git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35738 3c298f89-4303-0410-b956-a3cf2f4a3e73
* firewall3 - a C implementation of the current firewall scriptsJo-Philipp Wich2013-02-171-0/+45
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35643 3c298f89-4303-0410-b956-a3cf2f4a3e73
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-04 06:28:30 +0000