projects
/
project
/
firewall3.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
defaults: robustify flow table detection.
2020-01-28
Rui Salvaterra
defaults: robustify flow table detection.
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2019-11-22
Jo-Philipp Wich
utils: persist effective extra_src and extra_dest options...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2019-11-22
Jo-Philipp Wich
zones: fix emitting match rules for zones with only...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2019-09-18
Jo-Philipp Wich
ubus: do not overwrite ipset name attribute
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2019-09-03
Hauke Mehrtens
firewall3: Fix some format string problems
commit
|
commitdiff
|
tree
2019-08-22
Alexander Couzens
iptables.c: lock the xtables.lock
commit
|
commitdiff
|
tree
2019-08-22
Alexander Couzens
utils: implement fw3_lock_path() & fw3_unlock_path()
commit
|
commitdiff
|
tree
2018-08-13
Jo-Philipp Wich
defaults: fix check_kmod() function
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-08-07
Joe Holden
defaults: use a generic check_kmod() function
commit
|
commitdiff
|
tree
2018-08-03
Jo-Philipp Wich
Add support for DSCP matches and target
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-07-26
Jo-Philipp Wich
ubus: avoid dumping interface state with NULL message
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-05-19
Jo-Philipp Wich
zones: add interface/subnet bound LOG rules
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-05-16
Jo-Philipp Wich
options: treat time strings as UTC times
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-03-13
Jo-Philipp Wich
Reword rule comments
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-03-13
Jo-Philipp Wich
defaults: add support for xt_FLOWOFFLOAD rule
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-03-10
Jo-Philipp Wich
ipsets: add support for specifying entries
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-03-02
Jo-Philipp Wich
iptables: fix possible NULL pointer access on constructing...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-02-20
Jo-Philipp Wich
helpers: implement explicit CT helper assignment support
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-02-13
Jo-Philipp Wich
zones: disable masq when resolving of all masq_src...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-02-13
Jo-Philipp Wich
options: emit an empty address item when resolving...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2018-02-13
Jo-Philipp Wich
ubus: let fw3_ubus_address() return the number of resolved...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2017-05-27
Jo-Philipp Wich
options: remove stray continue statement
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2017-05-26
Jo-Philipp Wich
options: improve handling of negations when parsing...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2017-05-26
Jo-Philipp Wich
iptables: support -i, -o, -s and -d in option extra
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2017-05-12
Jo-Philipp Wich
iptables: add exception handling
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2017-05-09
Pierre Lebleu
firewall3: add check_snat() function
commit
|
commitdiff
|
tree
2017-05-09
Pierre Lebleu
firewall3: display the section type for UBUS rules
commit
|
commitdiff
|
tree
2017-05-09
Pierre Lebleu
firewall3: add UBUS support for include scripts
commit
|
commitdiff
|
tree
2017-05-09
Pierre Lebleu
firewall3: add UBUS support for ipset sections
commit
|
commitdiff
|
tree
2017-05-09
Pierre Lebleu
firewall3: add UBUS support for forwarding sections
commit
|
commitdiff
|
tree
2017-05-09
Pierre Lebleu
firewall3: add UBUS support for redirect sections
commit
|
commitdiff
|
tree
2017-05-09
Pierre Lebleu
firewall3: add fw3_attr_parse_name_type() function
commit
|
commitdiff
|
tree
2017-05-09
Pierre Lebleu
firewall3: replace warn_rule() by warn_section()
commit
|
commitdiff
|
tree
2017-05-09
Pierre Lebleu
firewall3: check the return value of fw3_parse_options()
commit
|
commitdiff
|
tree
2017-04-27
Jo-Philipp Wich
zones: drop outgoing invalid traffic in masqueraded...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2017-04-27
Jo-Philipp Wich
rules: fix UCI context in error reporting
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2017-02-22
Jo-Philipp Wich
firewall3: fix handling of UTC times
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2017-02-07
Jo-Philipp Wich
iptables: support xtables API > 11
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2017-01-13
Jo-Philipp Wich
zones: do not check conntrack state in zone_*_dest_ACCEPT...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-29
Jo-Philipp Wich
global: remove automatic notrack rules
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-07
Jo-Philipp Wich
forwards: properly propagate conntrack flag
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-06
Jo-Philipp Wich
iptables: move includes into iptables.c to avoid kernel...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-06
Ralph Sennhauser
musl-compat: avoid kernel header conflicts
commit
|
commitdiff
|
tree
2016-11-06
Jo-Philipp Wich
iptables: remove usage of xt_id
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-06
Jo-Philipp Wich
main: make failing ubus connection nonfatal
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-06
Jo-Philipp Wich
iptables: rework extension loader
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-06
Jo-Philipp Wich
iptables: declare _GNU_SOURCE to define RTLD_NEXT
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-06
Ralph Sennhauser
iptables: optional loading of static extensions
[
Jo-Philipp Wich
: stub init_extensions*() instead...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-05
Ralph Sennhauser
iptables: fix loading standard target
[
Jo-Philipp Wich
: minor code style change to if...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-04
Ralph Sennhauser
iptables: add support for version 1.6.0
commit
|
commitdiff
|
tree
2016-11-01
Jo-Philipp Wich
zones: properly handle multiple masq_src / masq_dest...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-11-01
Jo-Philipp Wich
iptables: use different approach for managing loadable...
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-08-08
Jo-Philipp Wich
zones: allow untracked traffic as well
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-08-08
Jo-Philipp Wich
defaults: disable drop_invalid by default
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-08-08
Jo-Philipp Wich
zones: restrict default ACCEPT rules to NEW ctstate
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-06-07
Jo-Philipp Wich
treewide: replace jow@openwrt.org with jo@mein.io
Signed-off-by:
Jo-Philipp Wich
<jo@mein.io>
commit
|
commitdiff
|
tree
2016-05-02
Alin Năstac
load running state after lock is acquired
commit
|
commitdiff
|
tree
2016-04-28
Daniel Golle
set mark for locally generated traffic in OUTPUT chain
commit
|
commitdiff
|
tree
2016-04-27
Alexandru Ardelean
defaults.c: remove toplevel_rule struct
commit
|
commitdiff
|
tree
2016-01-29
Jo-Philipp Wich
defaults: emit ctstate INVALID drop rules by default
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2016-01-29
Len White
iptables: fix inversion flags
commit
|
commitdiff
|
tree
2016-01-24
Jo-Philipp Wich
Remove commented code
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2016-01-24
Jo-Philipp Wich
Use xt_id match to track own rules
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2015-05-26
Jo-Philipp Wich
redirects: only emit REDIRECT rules if dest_ip is unset
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2015-05-26
Jo-Philipp Wich
Rework match initialization
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2015-05-26
Jo-Philipp Wich
Link libext dynamically
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2015-05-22
Jo-Philipp Wich
iptables: initialize multiport match
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2015-05-21
Jo-Philipp Wich
ubus: allow proto handlers to override device in announced...
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2015-04-18
Jo-Philipp Wich
ubus: print rule name when reporting errors
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2015-04-18
Jo-Philipp Wich
ubus: store rule origin as comment
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2015-01-13
Jo-Philipp Wich
redirects: fix possible null pointer access
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2015-01-08
Ulrich Weber
firewall3: fix left shift on 64 bit systems in fw3_bitlen2ne...
commit
|
commitdiff
|
tree
2015-01-08
Jo-Philipp Wich
redirects: respect src_dip option for reflection rules
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-09-19
Jo-Philipp Wich
options: allow '*' as value for protocols and families
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-09-18
Jo-Philipp Wich
utils: rework fw3_bitlen2netmask() IPv6 mask calculation
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-09-17
Jo-Philipp Wich
redirect: emit -j REDIRECT rules for local port forwards
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-09-17
Jo-Philipp Wich
utils: fix invalid memory access in fw3_bitlen2netmask()
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-08-11
Jo-Philipp Wich
utils: ifa_addr may be NULL, skip such entries
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-08-11
Jo-Philipp Wich
Selectively flush conntrack
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-07-21
Jo-Philipp Wich
zones: make forward policy destination bound
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-07-19
Jo-Philipp Wich
options: fix logic flaw when parsing ipaddr/mask notation
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-07-19
Jo-Philipp Wich
Use netmasks instead of prefix lengths internally
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-07-10
Jo-Philipp Wich
ubus: handle attribute access after NULL check in parse_subn...
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-07-10
Jo-Philipp Wich
ubus: fix fw3_ubus_address()
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-07-10
Jo-Philipp Wich
ubus: fix fw3_ubus_device() to only return a pointer...
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-07-03
Jo-Philipp Wich
options: fix fw3_parse_network() when destination pointer...
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-04-11
Jo-Philipp Wich
Reapply SNAT/MASQUERADE rules on firewall reloads
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2014-04-06
Jo-Philipp Wich
Initial support for "config nat" rules - this allows...
commit
|
commitdiff
|
tree
2014-02-21
Jo-Philipp Wich
Several ipset bugfixes
Signed-off-by:
Jo-Philipp Wich
<jow@openwrt.org>
commit
|
commitdiff
|
tree
2013-12-17
Jo-Philipp Wich
Change set_default() to take value as integer, required...
commit
|
commitdiff
|
tree
2013-12-17
Jo-Philipp Wich
Treat option tcp_ecn as integer, not bool
commit
|
commitdiff
|
tree
2013-12-17
Jo-Philipp Wich
Properly check strtol() results when paring values...
commit
|
commitdiff
|
tree
2013-11-18
Jo-Philipp Wich
Clean up dead code
commit
|
commitdiff
|
tree
2013-11-18
Jo-Philipp Wich
Skip redirects with invalid options
commit
|
commitdiff
|
tree
2013-11-18
Jo-Philipp Wich
Skip rules with invalid options
commit
|
commitdiff
|
tree
2013-11-18
Jo-Philipp Wich
Change fw3_parse_options() to indicate whether all...
commit
|
commitdiff
|
tree
2013-11-07
Jo-Philipp Wich
Use a global -m conntrack --ctstate DNAT rule to accept...
commit
|
commitdiff
|
tree
2013-10-23
Steven Barth
Improve ubus support
commit
|
commitdiff
|
tree
2013-10-10
Jo-Philipp Wich
Use fw3_ipt_rule_replace() when setting up zone interface...
commit
|
commitdiff
|
tree
2013-10-10
Jo-Philipp Wich
Use fw3_ipt_rule_replace() when setting up reflection
commit
|
commitdiff
|
tree
next