5
0
mirror of git://git.proxmox.com/git/pve-firewall.git synced 2025-03-13 00:58:15 +03:00

Commit Graph

  • c600be9cf6 fix #5925: vnet: add parsing logic for log_level_forward master Stefan Hanreich 2024-11-25 15:30:42 +01:00
  • b5377394d1 bump version to 5.1.0 Thomas Lamprecht 2024-11-19 16:38:09 +01:00
  • b71e4ad61a d/control: record dependency for libpve-rs-perl Thomas Lamprecht 2024-11-19 16:43:30 +01:00
  • f2ea69b4c2 d/control: record dependency for libpve-network-perl Thomas Lamprecht 2024-11-19 16:21:19 +01:00
  • 2afc17e09a firewall: move to arrow syntax for calling functions Stefan Hanreich 2024-11-19 13:22:50 +01:00
  • 49d2d028e5 api: add vnet endpoints Stefan Hanreich 2024-11-19 13:22:49 +01:00
  • aa6aa578e8 sdn: add vnet firewall configuration Stefan Hanreich 2024-11-19 13:22:48 +01:00
  • 75a84a6b9e sdn: always include SDN configuration Stefan Hanreich 2024-11-19 16:36:08 +01:00
  • 2e9eb2dbd8 ipsets: return sdn ipsets from api Stefan Hanreich 2024-11-19 13:17:20 +01:00
  • 9734f890c4 add support for loading sdn firewall configuration Stefan Hanreich 2024-11-19 13:17:19 +01:00
  • 632d02a8e2 nftables: make is_nftables check flag file instead of config Stefan Hanreich 2024-11-15 13:09:33 +01:00
  • 4339ef1526 bump version to 5.0.7 Thomas Lamprecht 2024-04-30 10:30:25 +02:00
  • 21e5d52232 also signal force-disable nftables if FW is completely disabled Thomas Lamprecht 2024-04-30 10:27:18 +02:00
  • c71345969d bump version to 5.0.6 Thomas Lamprecht 2024-04-26 17:19:57 +02:00
  • 719bdfaab9 service: create flag file to signal if nftables impl should not run Thomas Lamprecht 2024-04-26 16:04:51 +02:00
  • e59c8fd1b5 buildsys: avoid that the dinstall target always triggers a rebuild Thomas Lamprecht 2024-04-26 15:43:27 +02:00
  • 29b48c381d bump version to 5.0.5 Thomas Lamprecht 2024-04-23 13:11:55 +02:00
  • b5c4c33632 simulator: use new bridge naming scheme Stefan Hanreich 2024-04-12 10:07:36 +02:00
  • 50af7e0970 bump version to 5.0.4 Thomas Lamprecht 2024-04-19 20:04:25 +02:00
  • 60abf93972 add configuration option for new nftables firewall Stefan Hanreich 2024-04-19 11:42:36 +02:00
  • 3640b561ed fix #5335: stable sorting in cluster.fw Daniel Krambrock via pve-devel 2024-04-16 09:26:45 +02:00
  • 9c7002056a bump version to 4.3-5 stable-7 Wolfgang Bumiller 2023-07-17 10:43:45 +02:00
  • a44f43613a parser: fix scoped alias resolution Leo Nunner 2023-07-11 11:41:15 +02:00
  • 372869e075 bump version to 5.0.3 Wolfgang Bumiller 2023-07-17 10:40:17 +02:00
  • 1f0303f82a parser: fix scoped alias resolution Leo Nunner 2023-07-11 11:41:15 +02:00
  • 0d28aa2abc bump version to 5.0.2 Thomas Lamprecht 2023-06-21 19:17:27 +02:00
  • b06a8c2d03 fix #4556: api: return scoped IPSets and aliases Leo Nunner 2023-06-13 14:06:33 +02:00
  • f6207e0eb2 api: fix scoping for ipset endpoint Leo Nunner 2023-06-13 14:06:32 +02:00
  • aaa87fbb83 api: fix scoping for ipset endpoint Leo Nunner 2023-06-13 14:06:32 +02:00
  • 355420892e bump version to 5.0.1 Wolfgang Bumiller 2023-06-07 16:06:17 +02:00
  • 5bf304b587 change vm/ prefix to guest/ prefix Wolfgang Bumiller 2023-06-07 15:55:35 +02:00
  • a1f38f543c bump version to 4.3-4 Wolfgang Bumiller 2023-06-07 15:48:28 +02:00
  • d0fbd3d24f change vm/ prefix to guest/ prefix Wolfgang Bumiller 2023-06-07 15:55:35 +02:00
  • 9405f42be8 d/control: add missing anyevent dependency Wolfgang Bumiller 2023-06-07 14:30:05 +02:00
  • eeed0d90c9 fix #4556: introduce 'dc' and 'vm' prefix for aliases Leo Nunner 2023-06-07 12:17:49 +02:00
  • 856de23adb fix #4556: introduce 'dc' and 'vm' prefix for IPSets Leo Nunner 2023-06-07 12:17:48 +02:00
  • 3d56081892 bump version to 4.3-3 Wolfgang Bumiller 2023-06-07 15:09:19 +02:00
  • 5dd4eb2e7f d/control: add missing anyevent dependency Wolfgang Bumiller 2023-06-07 14:30:05 +02:00
  • fee702ebb0 fix #4556: introduce 'dc' and 'vm' prefix for aliases Leo Nunner 2023-06-07 12:17:49 +02:00
  • 7eea329388 fix #4556: introduce 'dc' and 'vm' prefix for IPSets Leo Nunner 2023-06-07 12:17:48 +02:00
  • 97f2bc6c68 bump version to 5.0.0 Thomas Lamprecht 2023-05-22 14:48:12 +02:00
  • ed35a17793 d/control: raise standards version compliance to 4.6.2 Thomas Lamprecht 2023-05-22 14:48:09 +02:00
  • c3d811ce84 d/control: define compat level via build-depends and raise to 13 Thomas Lamprecht 2023-05-22 14:47:51 +02:00
  • 68a0d9585e buildsys: add sbuild convenience target Thomas Lamprecht 2023-05-22 14:46:45 +02:00
  • a6d4c650d7 buildsys: derive upload dist automatically Thomas Lamprecht 2023-05-22 14:46:36 +02:00
  • 22b180a180 buildsys: use full DEB_VERSION and correct DEB_HOST_ARCH Thomas Lamprecht 2023-05-22 14:45:19 +02:00
  • 8fca2e979a buildsys: cleanup and expand clean target Thomas Lamprecht 2023-05-22 14:42:06 +02:00
  • 005ab90dad add basic gitignore file Thomas Lamprecht 2023-05-22 14:40:55 +02:00
  • a1622d6367 d/control: do not depend on obsolete lsb-base Thomas Lamprecht 2023-05-22 14:39:36 +02:00
  • 5d223aa31d makefile: convert to use simple parenthesis Thomas Lamprecht 2023-05-22 14:39:25 +02:00
  • 8be25ddb37 buildsys: rework doc-gen cleanup and makefile inclusion Thomas Lamprecht 2023-05-22 14:24:20 +02:00
  • d3bf672b4f bump version to 4.3-2 Thomas Lamprecht 2023-05-16 11:18:09 +02:00
  • 4d1ca18ee6 fix #4730: add safeguards to prevent ICMP type misuse Fabian Grünbichler 2023-05-16 11:09:24 +02:00
  • 42a7fbe0a4 icmp: factor out check for relevant protocols Fabian Grünbichler 2023-05-16 11:09:23 +02:00
  • 4fffdd36f0 d/changelog: fixup released Thomas Lamprecht 2023-04-26 12:24:28 +02:00
  • 521148df13 fix variables declared in conditional statement Thomas Lamprecht 2023-04-11 16:23:40 +02:00
  • e3d08ca1a6 d/changelog: fix typo Thomas Lamprecht 2023-03-17 15:30:49 +01:00
  • 23b3e816dd bump version to 4.3-1 Thomas Lamprecht 2023-03-17 15:28:37 +01:00
  • e3047e3f0c Fix #4550 : host options: add nf_conntrack_helpers Alexandre Derumier 2023-03-09 16:34:16 +01:00
  • 43dfdf3bac d/control: depend on pve-common 7.3-2 for new dump-log variant Wolfgang Bumiller 2023-01-27 10:51:37 +01:00
  • 8bd9b3e479 api: Add optional parameters since and until for timestamp filter Christian Ebner 2023-01-19 11:25:04 +01:00
  • c9536959ab cleanup: don't capture "/xx" of CIDR Stefan Hrdlicka 2022-12-13 16:14:19 +01:00
  • 1218eee930 allow non zero ip address host bits to be entered Stefan Hrdlicka 2022-12-13 16:14:18 +01:00
  • b4577a253c bump version to 4.2-7 Thomas Lamprecht 2022-11-17 19:53:09 +01:00
  • 5e3c0cf82d fix #4268: add 'force' parameter to delete IPSet with members Leo Nunner 2022-10-24 12:02:01 +02:00
  • 21d5ba9c34 helpers: move over missing lock_vmfw_conf Thomas Lamprecht 2022-11-16 17:03:12 +01:00
  • 429b536178 helpers: re-introduce original call site for backward compat Thomas Lamprecht 2022-11-16 17:02:54 +01:00
  • 5bdc31fb91 move clone_vmfw_conf && remove_vmfw_conf to a Helpers Alexandre Derumier 2022-06-29 11:08:29 +02:00
  • 84f91498b5 whitespace fixup Wolfgang Bumiller 2022-10-04 13:18:05 +02:00
  • 6198a78f13 fix #4204: automatically update usages of group when it is renamed Leo Nunner 2022-09-28 11:11:44 +02:00
  • 0b8ac6616f macros: s/SPICE/SPICEproxy/ Thomas Lamprecht 2022-09-12 17:22:39 +02:00
  • b3b7974f9a fix #4018: add firewall macro for SPICE Oguz Bektas 2022-06-29 13:07:08 +02:00
  • dd559e8af8 bump version to 4.2-6 Thomas Lamprecht 2022-08-29 09:43:59 +02:00
  • a1f5aa007a fix #4175: ignore non-filter ebtables tables Fabian Grünbichler 2022-07-27 15:07:52 +02:00
  • 60ab67f52d fix invalid vmfw config being interpreted as enabled Mira Limbeck 2022-08-24 14:24:30 +02:00
  • 7761d1a1a8 daemon: code cleanup/shortify Thomas Lamprecht 2022-08-25 15:56:29 +02:00
  • 4a626429c2 whitespace/indentation/line-length cleanup Thomas Lamprecht 2022-08-25 15:51:11 +02:00
  • 2038e26b8b config defaults: macfilter defaults to on Thomas Lamprecht 2022-05-15 08:47:03 +02:00
  • fba392f24c bump version to 4.2-5 Thomas Lamprecht 2021-11-04 16:37:17 +01:00
  • 1bf4d1d69b fix #3677: follow up: actually handle bucket size and ignore initval Thomas Lamprecht 2021-10-29 18:13:20 +02:00
  • 8f62e951aa fix #3677 ipset_get_chains fixed to work with new ipset output Mark Yardley 2021-10-18 21:21:32 +01:00
  • bd63a4390f bump version to 4.2-4 Thomas Lamprecht 2021-10-12 10:39:12 +02:00
  • 2a2b81b414 bump version to 4.2-3 Thomas Lamprecht 2021-09-10 13:00:11 +02:00
  • d9e7522b56 fix #2721: remove reject tcp 43 from default drop and reject actions Lorenz Stechauner 2021-08-05 12:59:03 +02:00
  • dcdbb55932 bump version to 4.2-2 Thomas Lamprecht 2021-06-21 11:31:47 +02:00
  • c7e6b30c81 set sysctls on every apply Stoiko Ivanov 2021-05-26 16:51:59 +02:00
  • d71f3ab7a5 bump version to 4.1-4 stable-6 Thomas Lamprecht 2021-05-26 17:28:52 +02:00
  • bad6b74db0 set sysctls on every apply Stoiko Ivanov 2021-05-26 16:51:59 +02:00
  • b5787a56be buildsys: change upload/repo dist to bullseye Thomas Lamprecht 2021-05-24 11:39:09 +02:00
  • 3cab23d0eb d/rules: cleanup systemd overrides Thomas Lamprecht 2021-05-24 11:15:50 +02:00
  • ce9cfab89a bump version to 4.2-1 Thomas Lamprecht 2021-05-12 20:23:15 +02:00
  • 6dfe6a22a0 debian: run wrap-and-sort -abt Thomas Lamprecht 2021-05-12 20:24:23 +02:00
  • 1761e70e54 install pvefw-logger.service in multi-user.target Thomas Lamprecht 2021-05-12 20:23:07 +02:00
  • 156178627c d/control: bump debhelper compat to >= 12 Thomas Lamprecht 2021-05-12 20:04:52 +02:00
  • 59992ae7be fw logger: cosmetic fixes Thomas Lamprecht 2021-05-12 19:58:46 +02:00
  • 12d3b75f1a fix #967: source: dest: limit length Aaron Lauterer 2021-04-22 14:30:09 +02:00
  • ab9a6ae6fc fix #2358: allow --<opt> in firewall rule config files Mira Limbeck 2021-02-22 13:00:18 +01:00
  • 8a4e5b696d bump version to 4.1-3 Thomas Lamprecht 2020-09-18 16:51:40 +02:00
  • cf051802e6 improve log burst property description Thomas Lamprecht 2020-09-18 16:39:08 +02:00
  • e1bfce947d various typo fixes Thomas Lamprecht 2020-09-18 16:37:06 +02:00