Jo-Philipp Wich
|
a43f5b5038
|
firewall: insert SNAT and DNAT rules according to the order of the configuration file (#8052)
SVN-Revision: 23318
|
2010-10-08 12:11:55 +00:00 |
|
Jo-Philipp Wich
|
1a0d7a3612
|
firewall: fix chain selection logic, option dest must be ignored for notrack targets
SVN-Revision: 23143
|
2010-09-28 11:38:31 +00:00 |
|
Jo-Philipp Wich
|
6a335579b8
|
fireall: - support negations for src_ip, dest_ip, src_dip options in rules and redirects - add NOTRACK target to rule sections, allows to define fine grained notrack rules
SVN-Revision: 23141
|
2010-09-28 10:42:56 +00:00 |
|
Jo-Philipp Wich
|
f3dd8278bb
|
firewall: - simplify masquerade rule setup - remove various subshell invocations - speedup fw() by not relying on xargs and pipes - rework SNAT support - attach to dest zone, use src_dip/src_dport as snat source
SVN-Revision: 23024
|
2010-09-11 20:04:34 +00:00 |
|
Jo-Philipp Wich
|
07b571a239
|
firewall: Initial alias interface support. This allows to define zones covering alias interfaces and associated entries like rules and forwardings.
SVN-Revision: 21653
|
2010-06-01 21:58:48 +00:00 |
|
Jo-Philipp Wich
|
e25fbfccdf
|
firewall: fix support for netranges in redirect and rule sections
SVN-Revision: 21640
|
2010-05-30 23:49:47 +00:00 |
|
Jo-Philipp Wich
|
409edb1b8e
|
firewall: count rules per chain and family, fix wrong order of ip6tables rules when ipv4 only or dual family rules are defined
SVN-Revision: 21533
|
2010-05-22 02:01:19 +00:00 |
|
Jo-Philipp Wich
|
40ad9defcc
|
firewall: - fix ip6tables rules when icmp_type option is set - add "family" option to zones, forwardings, redirects and rules to selectively apply rules to iptables and/or ip6tables
SVN-Revision: 21508
|
2010-05-19 21:35:23 +00:00 |
|
Jo-Philipp Wich
|
c284cb51c0
|
firewall: - replace uci firewall with a modular dual stack implementation developed by Malte S. Stretz - bump version to 2
SVN-Revision: 21286
|
2010-05-01 18:22:01 +00:00 |
|