Proxmox/pve-firewall
5
0
Fork 0
mirror of git://git.proxmox.com/git/pve-firewall.git synced 2025-02-08 09:57:29 +03:00
Code Releases Activity
511 Commits 6 Branches 0 Tags
Commit Graph

511 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dietmar Maurer
9eb84dc77a bump version to 2.0-10 2015-08-25 06:48:10 +02:00
Alen Grizonic
5471ff7cde subroutine for cloning vm's firewall config file 2015-08-25 06:47:03 +02:00
Dietmar Maurer
a3d34dacba bump version to 2.0-9 2015-08-19 15:43:15 +02:00
Alen Grizonic
edee90358f firewall remove config file subroutine added 
Signed-off-by: Alen Grizonic <a.grizonic@proxmox.com>
 2015-08-19 15:32:29 +02:00
Dietmar Maurer
2a42a23710 bump version to 2.0-8 2015-08-12 12:02:53 +02:00
Dietmar Maurer
e038c48552 adopt regresion tests for lxc containers 
Removed OpenVZ venet code.
 2015-08-12 11:59:18 +02:00
Alen Grizonic
fdefeeabaf removed firewall code for openVZ 
[PATCH 2/2] changed to [PATCH] with the following fix:

Subroutine verify_rule (re)fixed to correctly check only for "net\d+" interface device names
 2015-08-12 10:52:00 +02:00
Dietmar Maurer
33448a6eeb bump version to 2.0-7 2015-08-10 09:21:35 +02:00
Alen Grizonic
3b4882dc41 added firewall code for lxc 
Signed-off-by: Alen Grizonic <a.grizonic@proxmox.com>
 2015-08-10 09:20:36 +02:00
Dietmar Maurer
19f14465fb bump version to 2.0-6 2015-08-04 11:15:11 +02:00
Alen Grizonic
ff5d050e12 firewall ipversion comparison fix 
Signed-off-by: Alen Grizonic <a.grizonic@proxmox.com>
 2015-08-04 11:14:13 +02:00
Wolfgang Bumiller
5dc356afae local_network: ipv6 support + correctness 
Net::IP->overlaps returns more than just true or false, as
it tests both directions, we need IP_B_IN_A_OVERLAP in our
test.
Removed return on mask eq '0.0.0.0' as this doesn't exist in
the $ipv4_mask_hash_localnet.
 2015-07-28 09:20:33 +02:00
Wolfgang Bumiller
ab03c1a753 fix ipv6 address normalization 
inet_ntop only takes an addres, not a CIDR notation. Since
the normalized address should just be a compressed
lower-case address, Net::IP::ip_compress_address should be
sufficient.

inet_ntop didn't succeed before, the result of which was
that ipsets weren't generated at all for ipv6 address ranges.
 2015-07-28 09:20:01 +02:00
Dietmar Maurer
8feec9fa34 bump version to 2.0-5 2015-07-27 13:21:24 +02:00
Wolfgang Bumiller
b3d75afb1a ipv6 neighbor discovery and solicitation macros 2015-07-23 10:43:38 +02:00
Wolfgang Bumiller
21a18e538b Add ipv6 macros to the macro list 
Additionally there's now a way to specify ipv6-only or
ipv4-only macros.
 2015-07-23 10:41:33 +02:00
Wolfgang Bumiller
593604cccc ip6tables accepts both spellings of the word neighbor 2015-07-23 08:48:58 +02:00
Alen Grizonic
06ba9c44fa firewall - Ceph macro added 
Signed-off-by: Alen Grizonic <a.grizonic@proxmox.com>
 2015-07-22 08:17:46 +02:00
Dietmar Maurer
a0f1d07bcb fix path for DOCDIR 2015-06-27 16:34:40 +02:00
Dietmar Maurer
e02c77aa14 bump version to 2.0-4 2015-06-27 16:26:48 +02:00
Dietmar Maurer
feac0850a1 correctly install manual pages 2015-06-27 16:25:44 +02:00
Dietmar Maurer
76ae3cf31b fix lintian warning command-with-path-in-maintainer-script 2015-06-27 16:24:58 +02:00
Alen Grizonic
c05492d68d firewall instant API call apply 2015-06-26 10:57:09 +02:00
Alen Grizonic
f0184215f9 firewall_module_duplicate 
removed duplicated line of Data::Dumper use

Signed-off-by: Alen Grizonic <a.grizonic@proxmox.com>
 2015-06-26 10:54:50 +02:00
Alen Grizonic
72d055fc4a firewall autodisable 
firewall enable parameter type changed from boolean to integer so it can store
the timestamp of the firewall enable call to avoid an admin remote lockout

Signed-off-by: Alen Grizonic <a.grizonic@proxmox.com>
 2015-06-26 10:54:17 +02:00
Dietmar Maurer
eb4a29021e bump version to 2.0-3 2015-06-01 12:33:27 +02:00
Dietmar Maurer
48108683fe use noawait trigers for pve-api-updates 2015-06-01 12:32:17 +02:00
Dietmar Maurer
56bb2e6953 bump version to 2.0-2 2015-05-05 15:10:42 +02:00
Dietmar Maurer
6ceb98bbb1 trigger pve-api-updates event 2015-05-05 15:09:48 +02:00
Dietmar Maurer
2ba4951d7c allow admins to delete security groups 2015-03-18 06:13:37 +01:00
Dietmar Maurer
afcd29b3c5 always use local_network alias if specified by user 2015-03-16 06:32:42 +01:00
Dietmar Maurer
35d1d6dacc correctly emit ipv6 rules for host firewall 2015-03-15 10:23:29 +01:00
Dietmar Maurer
2b182f9c95 add PIDFile option for systemd services 2015-03-04 06:51:08 +01:00
Dietmar Maurer
7a8f346e3a install systemd service files 2015-03-03 13:37:40 +01:00
Dietmar Maurer
5679b3a862 implement permission for Alias class. 2015-03-02 10:37:07 +01:00
Dietmar Maurer
985d7ae03b do not use triggers 
This make problem on jessie, complaining about cyclic dependency loop.
 2015-03-02 10:14:29 +01:00
Dietmar Maurer
ff5363da02 fix path to ipset binary 2015-02-27 13:07:39 +01:00
Dietmar Maurer
a945f907c1 remove cman dependency 
depending on pve-cluster should be enough.
 2015-02-27 13:05:07 +01:00
Dietmar Maurer
0b18ebe80e recompile for debian jessie, bump version to 2.0-1 2015-02-27 12:27:52 +01:00
Dietmar Maurer
609f00c718 bump version to 1.0-18 2015-02-09 09:32:53 +01:00
Dietmar Maurer
04f5088f6b fix alias lookup 2015-02-09 09:31:18 +01:00
Dietmar Maurer
de48e65940 bump version to 1.0-17 2015-01-15 06:55:38 +01:00
Dietmar Maurer
9f7f534fd2 add preinst script 
Older versions of the pve-firewall daemon do not restart
with HUP, so we need to do a stop/start.
 2015-01-15 06:53:45 +01:00
Dietmar Maurer
a6811508c4 fix call to register_restart_command (set $use_hup to true) 2015-01-15 06:48:30 +01:00
Dietmar Maurer
88e44ee4eb remove class paramenter from register_XXX_command 2014-12-31 17:40:51 +01:00
Dietmar Maurer
8e47137802 simplify code (error log is done inside Daemon.pm) 2014-12-31 17:18:53 +01:00
Dietmar Maurer
cf10b505b2 improve logging 2014-12-31 12:34:17 +01:00
Dietmar Maurer
e3087bc69e fix arguments for register_restart_command 2014-12-18 13:48:24 +01:00
Dietmar Maurer
b92d2ed2c5 bump version to 1.0-16 2014-12-18 09:45:18 +01:00
Dietmar Maurer
a3d58ffc70 use Daemon class from pve-common 2014-12-18 09:41:48 +01:00