projects
/
project
/
firewall4.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅ next
tests: add missing fs.stat) mock data for `nf_conntrack_dummy`
2022-08-08
Jo-Philipp Wich
tests: add missing fs.stat) mock data for `nf_conntrack_dummy`
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-06-17
Jo-Philipp Wich
fw4: add support for `option log` in rule and redirect...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-06-17
Jo-Philipp Wich
fw4: support sets with timeout capability but without...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-06-15
Jo-Philipp Wich
tests: add test coverage for firewall includes
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-06-15
Jo-Philipp Wich
fw4: add support for configurable includes
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-06-14
Jo-Philipp Wich
fw4: fix crash in parse_cthelper() if no helpers are...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-06-14
Jo-Philipp Wich
fw4: simplify `is_loopback_dev()`
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-06-14
Jo-Philipp Wich
fw4: fix skipping invalid IPv6 ipset entries
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-06-14
Jo-Philipp Wich
ruleset: reorder declarations & output tweaks
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-06-14
Jo-Philipp Wich
ruleset: reuse zone-jump.uc template for notrack and...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-31
Jo-Philipp Wich
fw4: prefer /dev/stdin if available
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-31
Jo-Philipp Wich
fw4: make `fw4 restart` behavior more robust
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-30
Jo-Philipp Wich
ruleset: emit time ranges when both start and stop...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-30
Jo-Philipp Wich
fw4: fix datetime parsing
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-30
Jo-Philipp Wich
ruleset: correct mangle_output chain type
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-30
Jo-Philipp Wich
fw4: fix logic flaw in testing hw flow offloading support
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-30
Jo-Philipp Wich
fw4: ensure that negative bitcounts are properly translated
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-30
Jo-Philipp Wich
fw4: fix typo in emitted set types
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-20
Jo-Philipp Wich
fw4: support negative CIDR bit notation
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-20
Jo-Philipp Wich
hotplug: reliably handle interfaces with ubus zone...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-20
Jo-Philipp Wich
fw4: store zone associations from ubus in statefile...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-09
Jo-Philipp Wich
fw4: filter non hw-offload capable devices when resolving...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-09
Jo-Philipp Wich
fw4: always resolve lower flowtable devices
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-05-09
Jo-Philipp Wich
tests: fix mocked `fd.read("line")` api
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-29
Jo-Philipp Wich
fw4: refactor family selection for forwarding rules
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-29
Jo-Philipp Wich
treewide: use modern syntax
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-29
Jo-Philipp Wich
fw4: fix emitting device jump rules for family restricted...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-28
Jo-Philipp Wich
fw4: fix family auto-selection for config nat rules
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-26
Jo-Philipp Wich
ruleset: ensure that family-agnostic ICMP rules cover...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-21
Jo-Philipp Wich
tests: add test coverage for zone family selection...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-21
Jo-Philipp Wich
ruleset: set auto-merge directive for interval sets
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-21
Jo-Philipp Wich
fw4: fix skipping invalid ipset entries
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-13
Jo-Philipp Wich
fw4: fix applying zone flags for source bound rules
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-02
Jo-Philipp Wich
fw4: fix emitting family specific redirect rules without...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-04-02
Jo-Philipp Wich
fw4: bracketize IPv6 addresses in dnat addr:port notation
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-03-30
Jo-Philipp Wich
fw4: ensure to capitalize weekday names
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-03-22
Jo-Philipp Wich
treewide: forward compatibility changes
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-12
Jo-Philipp Wich
fw4: resolve zone layer 2 devices for hw flow offloading
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-12
Jo-Philipp Wich
fw4: rework and fix family inheritance logic
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-12
Jo-Philipp Wich
tests: mocklib: fix infinite recursion in wrapped print()
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-12
Jo-Philipp Wich
tests: change mocked wan interface type to PPPoE
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-11
Jo-Philipp Wich
tests: mocklib: forward compatibility change
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-10
Jo-Philipp Wich
fw4: only stage reflection rules if all required addrs...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-10
Jo-Philipp Wich
fw4: add device iifname/oifname matches to DSCP and...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-08
Jo-Philipp Wich
tests: adjust 01_ruleset test case to latest changes
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-07
Jo-Philipp Wich
fw4: gracefully handle unsupported hardware offloading
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-07
Jo-Philipp Wich
init: fix boot action in init script
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-07
Jo-Philipp Wich
fw4: parse traffic rules before forwarding rules
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-05
Jo-Philipp Wich
fw4: consolidate helper code
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-05
Jo-Philipp Wich
fw4: fix applying zone family restrictions to forwardings
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-05
Jo-Philipp Wich
tests: implement fs.opendir() mock interface
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-05
Jo-Philipp Wich
tests: fix mocked fs.popen() trace log
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-04
Jo-Philipp Wich
fw4: improve flowtable handling
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-03
Jo-Philipp Wich
fw4: disable "flow_offloading_hw" option for now
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-02-03
Jo-Philipp Wich
fw4: fix enabling NAT reflection rules for DNATs without...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-28
Jo-Philipp Wich
ruleset: fix undeclared variable access uncovered by...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-28
Jo-Philipp Wich
tests: run testcases in strict mode
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-28
Jo-Philipp Wich
ruleset: remove redundant syn check
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-28
Jo-Philipp Wich
fw4: add RFC-8622 'Least Effort' (LE) DSCP mark
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-28
Jo-Philipp Wich
tests: add test coverage for redirect rules
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-28
Jo-Philipp Wich
fw4: fix address selection logic for DNAT reflection...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-27
Jo-Philipp Wich
fw4: fix redirect destination zone resolving
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-27
Jo-Philipp Wich
fw4: fix potential crashes when parsing invalid redirect...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-27
Jo-Philipp Wich
ruleset: support non-contiguous address masks
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-27
Jo-Philipp Wich
tests: update interface dump mock data
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-27
Jo-Philipp Wich
fw4: fix family selection logic for redirect rules
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-27
Jo-Philipp Wich
ruleset: properly render redirect targets without port
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-26
Jo-Philipp Wich
fw4: consolidate device grouping logic
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-26
Jo-Philipp Wich
ruleset: consolidate zone matches for raw_prerouting...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-26
Jo-Philipp Wich
fw4: fix wrong `parse_network()` return value on `parse_subn...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-26
Jo-Philipp Wich
fw4: fix parsing inverted numeric DSCP values
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-26
Jo-Philipp Wich
ruleset: emit AF specific rules for DSCP matches
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-26
Jo-Philipp Wich
fw4: fix family comparisons
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-25
Jo-Philipp Wich
ruleset: properly deal with wildcards in zone device...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-22
Jo-Philipp Wich
ruleset: fix chain selection for mark and dscp targets
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2022-01-22
Jo-Philipp Wich
fw4.uc: handle zone masq6 option
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-10-17
Jo-Philipp Wich
rule.uc: always format ICMP type/code list as set
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-09-01
Jo-Philipp Wich
treewide: convert deprecated syntax
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-09-01
Jo-Philipp Wich
tests: adapt to latest ucode
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-03-31
Jo-Philipp Wich
tests: expand testing
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-03-31
Jo-Philipp Wich
fw4.uc: fix family test functions
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-03-31
Jo-Philipp Wich
fw4.uc: fix parsing boolean "0" values
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-03-31
Jo-Philipp Wich
rule.uc: fix redundant whitespace in rules without...
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-03-31
Jo-Philipp Wich
ruleset.uc: reduce empty lines in output
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-03-31
Jo-Philipp Wich
fw4.uc: gracefully handle missing defaults section
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-03-30
Jo-Philipp Wich
treewide: remove ucode module preloading
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-03-29
Jo-Philipp Wich
fw4.uc: remove upvalue caching
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree
2021-03-19
Jo-Philipp Wich
Initial commit
Signed-off-by: Jo-Philipp Wich <
jo@mein.io
>
commit
|
commitdiff
|
tree