| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | fix ratelimiting to work with bursts properly | Timo Teräs | 2013-08-02 | 1 | -1/+1 | |
| | | ||||||
| * | limit packet/connection rate per source IP | Kaarle Ritvanen | 2013-08-02 | 1 | -1/+1 | |
| | | ||||||
| * | awall/json: define service tftpv0.3.1 | Leonardo Arena | 2013-03-09 | 1 | -1/+2 | |
| | | ||||||
| * | secure use of connection tracking helpersv0.3.0 | Kaarle Ritvanen | 2013-02-19 | 2 | -24/+106 | |
| | | | | | | enable connection tracking helpers when required, fixes #1540 service-specific RELATED rules | |||||
| * | create /etc/awall/privatev0.2.17 | Kaarle Ritvanen | 2013-02-19 | 1 | -0/+1 | |
| | | ||||||
| * | allow returning nil from module event functionsv0.2.16 | Kaarle Ritvanen | 2013-02-19 | 1 | -2/+4 | |
| | | ||||||
| * | use the same mark for all transparent proxy rules | Kaarle Ritvanen | 2013-02-19 | 3 | -70/+87 | |
| | | ||||||
| * | ensure that awall's default policies are processed first | Kaarle Ritvanen | 2013-02-19 | 3 | -11/+26 | |
| | | | | | (and thus allow overriding them) | |||||
| * | fixed transparent proxy support | Kaarle Ritvanen | 2013-02-08 | 2 | -27/+57 | |
| | | | | | | use -p option in TPROXY rules constrain TPROXY rules to PREROUTING chain | |||||
| * | detect invalid import references | Kaarle Ritvanen | 2013-02-08 | 1 | -1/+5 | |
| | | ||||||
| * | use connection marking with transparent proxies | Kaarle Ritvanen | 2013-02-08 | 4 | -73/+64 | |
| | | ||||||
| * | rewrote code combining zone and address option fragments | Kaarle Ritvanen | 2013-02-08 | 1 | -15/+19 | |
| | | | | | now works also for reversed rules | |||||
| * | overhaul of policy file handling | Kaarle Ritvanen | 2013-02-08 | 4 | -151/+160 | |
| | | | | | | | private policies which can be imported but not directly enabled show more information about policies with awall list -a, fixes #1467 override policy file paths using AWALL_PATH_* environment variables | |||||
| * | packet logging without filtering | Kaarle Ritvanen | 2013-02-08 | 2 | -61/+100 | |
| | | ||||||
| * | corrected processing order of module contents | Kaarle Ritvanen | 2013-02-08 | 1 | -6/+11 | |
| | | ||||||
| * | copyright and license notice in help text | Kaarle Ritvanen | 2013-02-05 | 1 | -1/+6 | |
| | | ||||||
| * | included GPL2 license text | Kaarle Ritvanen | 2013-01-31 | 21 | -20/+359 | |
| | | ||||||
| * | statistical packet logging | Kaarle Ritvanen | 2013-01-30 | 1 | -4/+20 | |
| | | | | | fixes #1587 | |||||
| * | deterministic (alphabetical) ordering for tables and chains in ip[6]tables files | Kaarle Ritvanen | 2013-01-30 | 1 | -6/+10 | |
| | | ||||||
| * | support for all NFLOG and ULOG optionsv0.2.15 | Kaarle Ritvanen | 2013-01-30 | 2 | -4/+27 | |
| | | | | | fixes #1586 | |||||
| * | combine limit and log chains when possible | Kaarle Ritvanen | 2013-01-30 | 1 | -22/+24 | |
| | | ||||||
| * | simplify limit definitions | Kaarle Ritvanen | 2013-01-30 | 1 | -2/+8 | |
| | | | | | | interval becomes optional (default: 1) simple limits can be specified as integers (use default interval and log settings) | |||||
| * | handle limit counts greater than max packet count for xt_recent | Kaarle Ritvanen | 2013-01-30 | 1 | -8/+33 | |
| | | | | | fixes #1583 | |||||
| * | stop using obsolete NOTRACK target | Kaarle Ritvanen | 2013-01-30 | 1 | -1/+1 | |
| | | ||||||
| * | improved error handling | Kaarle Ritvanen | 2013-01-30 | 5 | -127/+189 | |
| | | | | | | do not print stack trace in case of user errors, fixes #1453 immediate fallback after failed activation, even with --force, before main process exit, fixes #1584 | |||||
| * | make to-port attribute optional in tproxy rules | Kaarle Ritvanen | 2013-01-24 | 1 | -2/+2 | |
| | | ||||||
| * | transparent proxy modulev0.2.14 | Kaarle Ritvanen | 2013-01-24 | 1 | -0/+41 | |
| | | | | | fixes #1582 | |||||
| * | allow manipulation of option fragments in the middle of Rule.trules | Kaarle Ritvanen | 2013-01-24 | 1 | -2/+8 | |
| | | ||||||
| * | move mark attribute checking to MarkRule.init | Kaarle Ritvanen | 2013-01-24 | 1 | -4/+6 | |
| | | ||||||
| * | class loading function in main module | Kaarle Ritvanen | 2013-01-24 | 2 | -9/+8 | |
| | | ||||||
| * | table update & copy functions | Kaarle Ritvanen | 2013-01-24 | 2 | -12/+15 | |
| | | | | | clean-up of require statements in filter module | |||||
| * | explicit processing order directives for modules | Kaarle Ritvanen | 2013-01-24 | 8 | -85/+106 | |
| | | ||||||
| * | dependency resolver function | Kaarle Ritvanen | 2013-01-24 | 3 | -36/+71 | |
| | | ||||||
| * | add missing local keyword into filter.lua | Kaarle Ritvanen | 2013-01-21 | 1 | -2/+2 | |
| | | ||||||
| * | properly support ipset types other than hashesv0.2.13 | Kaarle Ritvanen | 2013-01-18 | 3 | -27/+43 | |
| | | | | | | move ipset config object handling to model.lua fixes #1535 | |||||
| * | filter: fix warning about -m state in newer iptables | Natanael Copa | 2013-01-01 | 1 | -1/+1 | |
| | | | | | | | | Fixes this warning when using recent iptables: WARNING: The state match is obsolete. Use conntrack instead. ref #1497 | |||||
| * | mention policy file path in error message when reading fails | Kaarle Ritvanen | 2012-10-30 | 1 | -1/+1 | |
| | | | | | fixes #1449 | |||||
| * | search for optional policies in /etc/awall/optionalv0.2.12 | Kaarle Ritvanen | 2012-10-23 | 2 | -3/+6 | |
| | | ||||||
| * | remove unnecessary local reference to awall.object module | Kaarle Ritvanen | 2012-10-03 | 1 | -2/+1 | |
| | | ||||||
| * | enforce common base class for all objects | Kaarle Ritvanen | 2012-10-03 | 7 | -7/+8 | |
| | | ||||||
| * | stop using deprecated ip-range attribute internally | Kaarle Ritvanen | 2012-10-03 | 1 | -1/+1 | |
| | | ||||||
| * | zone-specific route-back attributev0.2.11 | Kaarle Ritvanen | 2012-10-03 | 1 | -1/+1 | |
| | | ||||||
| * | rename address and port attributes in NAT rules | Kaarle Ritvanen | 2012-09-13 | 1 | -5/+17 | |
| | | ||||||
| * | make port-range work in NAT rules when ip-range not definedv0.2.10 | Kaarle Ritvanen | 2012-09-13 | 1 | -3/+6 | |
| | | ||||||
| * | set prefix in log settingsv0.2.9 | Kaarle Ritvanen | 2012-09-12 | 1 | -1/+5 | |
| | | ||||||
| * | support for port ranges in service definitionsv0.2.8 | Kaarle Ritvanen | 2012-09-03 | 1 | -1/+3 | |
| | | ||||||
| * | support bypassing connection tracking per filter rule | Kaarle Ritvanen | 2012-09-03 | 2 | -11/+32 | |
| | | | | | rules for reverse direction created automatically | |||||
| * | allow routing-related ICMP messages by default | Kaarle Ritvanen | 2012-09-03 | 1 | -7/+24 | |
| | | ||||||
| * | load modules in alphabetical order | Kaarle Ritvanen | 2012-09-03 | 1 | -3/+7 | |
| | | ||||||
| * | generalize awall.optfrag.combinations to accept variable number of arguments | Kaarle Ritvanen | 2012-09-03 | 2 | -9/+11 | |
| | | ||||||
 |
index : awall | |
| Alpine Wall | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |