Commit graph

7 commits

Author SHA1 Message Date
Jo-Philipp Wich
ca5bf9e291 firewall: - handle NAT reflection in firewall hotplug, solves synchronizing issues on boot - introduce masq_src and masq_dest options to limit zone masq to specific ip ranges, supports multiple subnets and negation
SVN-Revision: 22888
2010-09-04 15:49:13 +00:00
Jo-Philipp Wich
ee4dd61b10 firewall: - fix processing of rules with an ip family option - append interface rules at the end of internal zone chains, simplifies injecting user or addon rules - support simple file logging (option log + option log_limit per zone)
SVN-Revision: 22847
2010-08-31 01:54:08 +00:00
Jo-Philipp Wich
d6d1dd47d3 firewall: fix another notrack related bug
SVN-Revision: 22218
2010-07-15 23:24:01 +00:00
Jo-Philipp Wich
f8fa598bf4 firewall: - notrack support was broken in multiple ways, fix it - also consider a zone conntracked if any redirect references it (#7196)
SVN-Revision: 22215
2010-07-15 22:01:48 +00:00
Jo-Philipp Wich
40ad9defcc firewall: - fix ip6tables rules when icmp_type option is set - add "family" option to zones, forwardings, redirects and rules to selectively apply rules to iptables and/or ip6tables
SVN-Revision: 21508
2010-05-19 21:35:23 +00:00
Jo-Philipp Wich
3ffd27f905 firewall: implement disable_ipv6 uci option
SVN-Revision: 21503
2010-05-19 01:55:46 +00:00
Jo-Philipp Wich
c284cb51c0 firewall: - replace uci firewall with a modular dual stack implementation developed by Malte S. Stretz - bump version to 2
SVN-Revision: 21286
2010-05-01 18:22:01 +00:00