aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* loaded policies included in PolicyConfig objectsKaarle Ritvanen2012-06-281-3/+4
|
* show original variable definitions in dump outputKaarle Ritvanen2012-06-282-48/+40
| | | | | PolicyConfig.variables removed PolicyConfig.eval merged to PolicyConfig.expand
* streamlined variable expansionKaarle Ritvanen2012-06-281-9/+2
| | | | side effects removed
* corrected an error in raising an error (NAT rule interfaces)Kaarle Ritvanen2012-06-281-1/+1
|
* support for ACCEPT rules in NAT chainsKaarle Ritvanen2012-06-281-1/+2
|
* reset all built-in chains on activation/fallback regardless of translation ↵Kaarle Ritvanen2012-06-261-4/+22
| | | | results
* support for empty zonesKaarle Ritvanen2012-06-263-11/+13
| | | | (set either addr or iface attribute to an empty list)
* apply ip[6]tables-restore only if protocol support loaded into kernelKaarle Ritvanen2012-06-261-10/+29
|
* pretty output from awall listKaarle Ritvanen2012-06-263-15/+30
|
* command for dumping variable and zone definitionsKaarle Ritvanen2012-06-262-1/+34
|
* new class for configuration loaded from policy files but not yet translated ↵Kaarle Ritvanen2012-06-263-46/+59
| | | | to iptables rules
* masquerading set rule applied after other SNAT rulesv0.1.4Kaarle Ritvanen2012-06-211-4/+6
|
* ipset-based masquerading moved to a module of its ownKaarle Ritvanen2012-06-212-5/+17
|
* set chain policy to ACCEPT in tables other than filterKaarle Ritvanen2012-06-211-3/+5
|
* filter out ICMPv4/6 rules per protocol family even when message type not definedv0.1.3Kaarle Ritvanen2012-06-211-11/+11
|
* by default, allow all ICMPv6 messages originating from or destined to local hostKaarle Ritvanen2012-06-211-1/+10
|
* multi-stage processing of default rulesKaarle Ritvanen2012-06-213-21/+30
|
* accept all loopback trafficKaarle Ritvanen2012-06-211-0/+9
|
* add dhcp serviceJeremy Thomerson2012-06-131-1/+2
|
* OUTPUT chain needs stateful tracking alsoTimo Teräs2012-06-081-1/+1
|
* report JSON file name on parse errorv0.1.2Kaarle Ritvanen2012-05-171-2/+10
|
* adjust command line help textKaarle Ritvanen2012-05-031-4/+4
|
* make the family attribute mandatory for ipset objectsKaarle Ritvanen2012-05-031-3/+3
| | | | incidentally, this makes all IP set-referring rules specific to one protocol family
* installer Makefile addedKaarle Ritvanen2012-05-031-0/+47
|
* policy file description attributev0.1.1Kaarle Ritvanen2012-05-013-10/+20
|
* command line syntax helpKaarle Ritvanen2012-05-011-5/+40
|
* improved command line syntaxKaarle Ritvanen2012-05-011-32/+47
|
* add sample policy fileKaarle Ritvanen2012-05-011-0/+40
|
* cover ICMPv6 echo in ping service definitionKaarle Ritvanen2012-05-011-1/+4
|
* use local DNS resolverv0.1.0Kaarle Ritvanen2012-04-191-2/+1
|
* interrupted read triggers fallbackKaarle Ritvanen2012-04-191-1/+1
|
* Config object initialization from PolicySetKaarle Ritvanen2012-04-192-11/+12
|
* wrapped a long statement in policy.luaKaarle Ritvanen2012-04-191-1/+7
|
* corrected scope errorsKaarle Ritvanen2012-04-192-2/+2
|
* enable, disable, and list optional policy filesKaarle Ritvanen2012-04-122-8/+84
|
* configuration (policy) file handling moved to a dedicated moduleKaarle Ritvanen2012-04-122-57/+111
|
* convert empty strings to nil values in input configuration tableKaarle Ritvanen2012-04-121-2/+4
| | | | skip expansion in the variable fragment to avoid clearing variable declarations
* dnat option for filter rulesKaarle Ritvanen2012-04-122-1/+72
|
* module metadata processing moved to awall.loadmodulesKaarle Ritvanen2012-04-124-15/+29
| | | | | deterministic processing order within modules global classmap for dynamic module discovery
* module namespace-related style adjustmentsKaarle Ritvanen2012-04-123-9/+8
| | | | | drop awall prefix when accessing submodules from the main module remove module-level function/module shortcuts when used only once
* subfunctions prefixed with 'local'Kaarle Ritvanen2012-04-122-10/+10
|
* corrected fw zone exclusion in NATRule.initKaarle Ritvanen2012-04-091-2/+4
|
* optional, importable configuration filesKaarle Ritvanen2012-04-092-20/+55
|
* service definition added: bgpKaarle Ritvanen2012-04-051-0/+1
|
* string concatenation support in variable expansionKaarle Ritvanen2012-03-261-5/+14
|
* more service definitionsKaarle Ritvanen2012-03-261-0/+10
|
* safe activation mode (with automatic fallback)Kaarle Ritvanen2012-03-262-5/+66
|
* iptables module: backup and revert functionsKaarle Ritvanen2012-03-261-16/+30
| | | | private class for reading current configuration
* make verification using ip[6]tables-restore optionalKaarle Ritvanen2012-03-221-3/+5
| | | | verification requires root privileges
* control input and output directories from command lineKaarle Ritvanen2012-03-222-7/+26
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 21:30:47 +0000