| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | do not generate superfluous chain when 'dnat' used without 'dest'v1.1.11.1-stable | Kaarle Ritvanen | 2014-04-16 | 1 | -2/+3 |
| | | |||||
| * | make 'dnat' and 'out' parameters work together | Kaarle Ritvanen | 2014-04-16 | 1 | -9/+12 |
| | | | | | | Conflicts: awall/modules/filter.lua | ||||
| * | allow 'dnat' parameter without 'dest' | Kaarle Ritvanen | 2014-04-16 | 1 | -3/+0 |
| | | | | | | Conflicts: awall/modules/filter.lua | ||||
| * | error message for invalid top-level attributes | Kaarle Ritvanen | 2014-04-16 | 1 | -0/+4 |
| | | |||||
| * | default 'after' to relative complement of 'before' in 'imported'v1.1.0 | Kaarle Ritvanen | 2014-03-31 | 1 | -4/+12 |
| | | |||||
| * | include/exclude actions in dnat, snat, and no-track rules | Kaarle Ritvanen | 2014-03-31 | 4 | -17/+25 |
| | | |||||
| * | default filter action to accept | Kaarle Ritvanen | 2014-03-31 | 1 | -0/+2 |
| | | |||||
| * | optimize chain selection for related rules (always ACCEPT) | Kaarle Ritvanen | 2014-03-31 | 1 | -8/+6 |
| | | |||||
| * | distinguish local-destined packets before routing decision | Kaarle Ritvanen | 2014-03-31 | 2 | -14/+18 |
| | | |||||
| * | make boolean variables work | Kaarle Ritvanen | 2014-03-28 | 1 | -2/+2 |
| | | |||||
| * | rename 'reverse-type' to 'reply-type'v1.0.0 | Kaarle Ritvanen | 2014-03-07 | 2 | -4/+4 |
| | | |||||
| * | awall/json: define telnet service | Leonardo Arena | 2014-03-07 | 1 | -0/+1 |
| | | |||||
| * | properly handle stateless ICMP rulesv0.3.5 | Kaarle Ritvanen | 2014-02-28 | 2 | -5/+9 |
| | | | | | fixes #2714 | ||||
| * | constrain 'netbios-ns' service to IPv4 onlyv0.3.4 | Kaarle Ritvanen | 2013-09-30 | 3 | -88/+121 |
| | | |||||
| * | create /var/run/awall directory at run-timev0.3.3 | Kaarle Ritvanen | 2013-09-11 | 2 | -1/+2 |
| | | | | | fixes #2247 | ||||
| * | check correctness of 'action' attributev0.3.2 | Kaarle Ritvanen | 2013-08-15 | 2 | -6/+12 |
| | | | | | ref #2193 | ||||
| * | services: correct the name of netbios-ns helper | Kaarle Ritvanen | 2013-08-15 | 1 | -1/+1 |
| | | |||||
| * | split into multiple rules when multiport module's port limit is exceeded | Kaarle Ritvanen | 2013-08-15 | 1 | -8/+30 |
| | | | | | fixes #2131 | ||||
| * | add service definitions | Kaarle Ritvanen | 2013-08-15 | 1 | -1/+4 |
| | | |||||
| * | ignore ULOG for IPv6 rules | Kaarle Ritvanen | 2013-08-15 | 1 | -4/+8 |
| | | |||||
| * | add missing '-m helper' to rules when required | Kaarle Ritvanen | 2013-08-15 | 1 | -1/+1 |
| | | | | | fixes #2192 | ||||
| * | allow defining after directive as string | Kaarle Ritvanen | 2013-08-15 | 1 | -1/+3 |
| | | |||||
| * | fix ratelimiting to work with bursts properly | Timo Teräs | 2013-08-02 | 1 | -1/+1 |
| | | |||||
| * | limit packet/connection rate per source IP | Kaarle Ritvanen | 2013-08-02 | 1 | -1/+1 |
| | | |||||
| * | awall/json: define service tftpv0.3.1 | Leonardo Arena | 2013-03-09 | 1 | -1/+2 |
| | | |||||
| * | secure use of connection tracking helpersv0.3.0 | Kaarle Ritvanen | 2013-02-19 | 2 | -24/+106 |
| | | | | | | enable connection tracking helpers when required, fixes #1540 service-specific RELATED rules | ||||
| * | create /etc/awall/privatev0.2.17 | Kaarle Ritvanen | 2013-02-19 | 1 | -0/+1 |
| | | |||||
| * | allow returning nil from module event functionsv0.2.16 | Kaarle Ritvanen | 2013-02-19 | 1 | -2/+4 |
| | | |||||
| * | use the same mark for all transparent proxy rules | Kaarle Ritvanen | 2013-02-19 | 3 | -70/+87 |
| | | |||||
| * | ensure that awall's default policies are processed first | Kaarle Ritvanen | 2013-02-19 | 3 | -11/+26 |
| | | | | | (and thus allow overriding them) | ||||
| * | fixed transparent proxy support | Kaarle Ritvanen | 2013-02-08 | 2 | -27/+57 |
| | | | | | | use -p option in TPROXY rules constrain TPROXY rules to PREROUTING chain | ||||
| * | detect invalid import references | Kaarle Ritvanen | 2013-02-08 | 1 | -1/+5 |
| | | |||||
| * | use connection marking with transparent proxies | Kaarle Ritvanen | 2013-02-08 | 4 | -73/+64 |
| | | |||||
| * | rewrote code combining zone and address option fragments | Kaarle Ritvanen | 2013-02-08 | 1 | -15/+19 |
| | | | | | now works also for reversed rules | ||||
| * | overhaul of policy file handling | Kaarle Ritvanen | 2013-02-08 | 4 | -151/+160 |
| | | | | | | | private policies which can be imported but not directly enabled show more information about policies with awall list -a, fixes #1467 override policy file paths using AWALL_PATH_* environment variables | ||||
| * | packet logging without filtering | Kaarle Ritvanen | 2013-02-08 | 2 | -61/+100 |
| | | |||||
| * | corrected processing order of module contents | Kaarle Ritvanen | 2013-02-08 | 1 | -6/+11 |
| | | |||||
| * | copyright and license notice in help text | Kaarle Ritvanen | 2013-02-05 | 1 | -1/+6 |
| | | |||||
| * | included GPL2 license text | Kaarle Ritvanen | 2013-01-31 | 21 | -20/+359 |
| | | |||||
| * | statistical packet logging | Kaarle Ritvanen | 2013-01-30 | 1 | -4/+20 |
| | | | | | fixes #1587 | ||||
| * | deterministic (alphabetical) ordering for tables and chains in ip[6]tables files | Kaarle Ritvanen | 2013-01-30 | 1 | -6/+10 |
| | | |||||
| * | support for all NFLOG and ULOG optionsv0.2.15 | Kaarle Ritvanen | 2013-01-30 | 2 | -4/+27 |
| | | | | | fixes #1586 | ||||
| * | combine limit and log chains when possible | Kaarle Ritvanen | 2013-01-30 | 1 | -22/+24 |
| | | |||||
| * | simplify limit definitions | Kaarle Ritvanen | 2013-01-30 | 1 | -2/+8 |
| | | | | | | interval becomes optional (default: 1) simple limits can be specified as integers (use default interval and log settings) | ||||
| * | handle limit counts greater than max packet count for xt_recent | Kaarle Ritvanen | 2013-01-30 | 1 | -8/+33 |
| | | | | | fixes #1583 | ||||
| * | stop using obsolete NOTRACK target | Kaarle Ritvanen | 2013-01-30 | 1 | -1/+1 |
| | | |||||
| * | improved error handling | Kaarle Ritvanen | 2013-01-30 | 5 | -127/+189 |
| | | | | | | do not print stack trace in case of user errors, fixes #1453 immediate fallback after failed activation, even with --force, before main process exit, fixes #1584 | ||||
| * | make to-port attribute optional in tproxy rules | Kaarle Ritvanen | 2013-01-24 | 1 | -2/+2 |
| | | |||||
| * | transparent proxy modulev0.2.14 | Kaarle Ritvanen | 2013-01-24 | 1 | -0/+41 |
| | | | | | fixes #1582 | ||||
| * | allow manipulation of option fragments in the middle of Rule.trules | Kaarle Ritvanen | 2013-01-24 | 1 | -2/+8 |
| | | |||||
 |
index : awall | |
| Alpine Wall | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |