summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* rewrote code combining zone and address option fragmentsHEADmasterKaarle Ritvanen2013-02-081-15/+19
| | | | now works also for reversed rules
* overhaul of policy file handlingKaarle Ritvanen2013-02-084-151/+160
| | | | | | private policies which can be imported but not directly enabled show more information about policies with awall list -a, fixes #1467 override policy file paths using AWALL_PATH_* environment variables
* packet logging without filteringKaarle Ritvanen2013-02-082-61/+100
|
* corrected processing order of module contentsKaarle Ritvanen2013-02-081-6/+11
|
* copyright and license notice in help textKaarle Ritvanen2013-02-051-1/+6
|
* included GPL2 license textKaarle Ritvanen2013-01-3121-20/+359
|
* statistical packet loggingKaarle Ritvanen2013-01-301-4/+20
| | | | fixes #1587
* deterministic (alphabetical) ordering for tables and chains in ip[6]tables filesKaarle Ritvanen2013-01-301-6/+10
|
* support for all NFLOG and ULOG optionsv0.2.15Kaarle Ritvanen2013-01-302-4/+27
| | | | fixes #1586
* combine limit and log chains when possibleKaarle Ritvanen2013-01-301-22/+24
|
* simplify limit definitionsKaarle Ritvanen2013-01-301-2/+8
| | | | | interval becomes optional (default: 1) simple limits can be specified as integers (use default interval and log settings)
* handle limit counts greater than max packet count for xt_recentKaarle Ritvanen2013-01-301-8/+33
| | | | fixes #1583
* stop using obsolete NOTRACK targetKaarle Ritvanen2013-01-301-1/+1
|
* improved error handlingKaarle Ritvanen2013-01-305-127/+189
| | | | | do not print stack trace in case of user errors, fixes #1453 immediate fallback after failed activation, even with --force, before main process exit, fixes #1584
* make to-port attribute optional in tproxy rulesKaarle Ritvanen2013-01-241-2/+2
|
* transparent proxy modulev0.2.14Kaarle Ritvanen2013-01-241-0/+41
| | | | fixes #1582
* allow manipulation of option fragments in the middle of Rule.trulesKaarle Ritvanen2013-01-241-2/+8
|
* move mark attribute checking to MarkRule.initKaarle Ritvanen2013-01-241-4/+6
|
* class loading function in main moduleKaarle Ritvanen2013-01-242-9/+8
|
* table update & copy functionsKaarle Ritvanen2013-01-242-12/+15
| | | | clean-up of require statements in filter module
* explicit processing order directives for modulesKaarle Ritvanen2013-01-248-85/+106
|
* dependency resolver functionKaarle Ritvanen2013-01-243-36/+71
|
* add missing local keyword into filter.luaKaarle Ritvanen2013-01-211-2/+2
|
* properly support ipset types other than hashesv0.2.13Kaarle Ritvanen2013-01-183-27/+43
| | | | | move ipset config object handling to model.lua fixes #1535
* filter: fix warning about -m state in newer iptablesNatanael Copa2013-01-011-1/+1
| | | | | | | Fixes this warning when using recent iptables: WARNING: The state match is obsolete. Use conntrack instead. ref #1497
* mention policy file path in error message when reading failsKaarle Ritvanen2012-10-301-1/+1
| | | | fixes #1449
* search for optional policies in /etc/awall/optionalv0.2.12Kaarle Ritvanen2012-10-232-3/+6
|
* remove unnecessary local reference to awall.object moduleKaarle Ritvanen2012-10-031-2/+1
|
* enforce common base class for all objectsKaarle Ritvanen2012-10-037-7/+8
|
* stop using deprecated ip-range attribute internallyKaarle Ritvanen2012-10-031-1/+1
|
* zone-specific route-back attributev0.2.11Kaarle Ritvanen2012-10-031-1/+1
|
* rename address and port attributes in NAT rulesKaarle Ritvanen2012-09-131-5/+17
|
* make port-range work in NAT rules when ip-range not definedv0.2.10Kaarle Ritvanen2012-09-131-3/+6
|
* set prefix in log settingsv0.2.9Kaarle Ritvanen2012-09-121-1/+5
|
* support for port ranges in service definitionsv0.2.8Kaarle Ritvanen2012-09-031-1/+3
|
* support bypassing connection tracking per filter ruleKaarle Ritvanen2012-09-032-11/+32
| | | | rules for reverse direction created automatically
* allow routing-related ICMP messages by defaultKaarle Ritvanen2012-09-031-7/+24
|
* load modules in alphabetical orderKaarle Ritvanen2012-09-031-3/+7
|
* generalize awall.optfrag.combinations to accept variable number of argumentsKaarle Ritvanen2012-09-032-9/+11
|
* add ftp serviceLeonardo2012-09-031-0/+1
|
* remove unused method Filter.defaultzonesKaarle Ritvanen2012-08-281-4/+0
|
* processing order directives in policy filesv0.2.7Kaarle Ritvanen2012-08-281-10/+33
|
* configurable loggingKaarle Ritvanen2012-08-282-25/+67
|
* method for printing config object-related warningsKaarle Ritvanen2012-08-281-0/+4
|
* handle boolean values in policy files correctlyKaarle Ritvanen2012-08-281-1/+2
|
* substitute table.concat for util.joinKaarle Ritvanen2012-08-243-19/+9
|
* generate separate file for each ipsetv0.2.6Kaarle Ritvanen2012-08-243-31/+37
| | | | do not overwrite existing ipset files
* generic function for joining tables to a stringKaarle Ritvanen2012-08-242-11/+17
|
* services: correct JSON syntax errors, order alphabetically, remove whitespaceKaarle Ritvanen2012-08-241-8/+8
|
* awall/json: define some IANA portsLeonardo2012-08-161-0/+38
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 06:45:38 +0000