| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Allow IPv6 on loopback even where IPv6 is otherwise disabled. The intent of t... | Chris Buechler | 2014-12-31 | 1 | -0/+3 |
| * | Only set route-to and reply-to on ESP and ISAKMP rules if the remote endpoint... | Chris Buechler | 2014-12-30 | 1 | -12/+18 |
| * | Unbreak IPsec rules generation for IPsec over CARP. Should help even Ticket #... | Ermal LUÇI | 2014-12-30 | 1 | -1/+1 |
| * | Split ICMP and ICMPv6 types on Firewall Rules | Renato Botelho | 2014-12-11 | 1 | -0/+61 |
| * | Update filter.inc | Dmitriy K. | 2014-12-01 | 1 | -1/+1 |
| * | Rather than set the g['booting'] on globals provide a function to test for th... | Ermal LUÇI | 2014-11-26 | 1 | -11/+11 |
| * | MSS clamping on VPNs is necessary in both directions where it's needed. Rathe... | Chris Buechler | 2014-11-22 | 1 | -0/+1 |
| * | Fixes #3198, check that subnet masks are equal when choosing binat type for I... | Ermal LUÇI | 2014-11-20 | 1 | -2/+13 |
| * | Retire flowtable_configure as a useless code since its not in kernel | Ermal | 2014-11-10 | 1 | -30/+0 |
| * | Ticket #3967. Allow to have carp as parent of ipaliases - continued | Ermal | 2014-11-10 | 1 | -1/+1 |
| * | When an alias contain hosts, add IPs and networks to filterdns too, otherwise... | Renato Botelho | 2014-11-05 | 1 | -1/+15 |
| * | remove old DISABLE_PHP_LINT_CHECKING, which dates way back to the CVS days an... | Chris Buechler | 2014-11-04 | 1 | -1/+0 |
| * | block IPv4 link-local. Per RFC 3927, hosts "MUST NOT send the packet to | Chris Buechler | 2014-10-14 | 1 | -0/+5 |
| * | Fix pf syntax s/divert/divert-to/. It should fix #3921 | Renato Botelho | 2014-10-10 | 1 | -1/+1 |
| * | Fix not rules for OPTn network case | Phil Davis | 2014-10-06 | 1 | -10/+7 |
| * | get back to our standard RFC-defined capitalization of IPsec | Chris Buechler | 2014-10-02 | 1 | -2/+2 |
| * | Change is_port() to only validate a single port, we have is_portrange() for s... | Renato Botelho | 2014-09-10 | 1 | -1/+1 |
| * | As pointed out by Ermal, VIPs should go first in the list since NAT is first ... | Renato Botelho | 2014-09-09 | 1 | -2/+2 |
| * | Take virtual IPs into consideration for automatic outbound NAT rules, it shou... | Renato Botelho | 2014-08-22 | 1 | -0/+18 |
| * | Remove double defined 'localhost' on the list of networks to create outbound ... | Renato Botelho | 2014-08-11 | 1 | -1/+1 |
| * | Do not create automatic outbound NAT rule for disabled openvpn servers and cl... | Renato Botelho | 2014-08-11 | 1 | -2/+2 |
| * | Fix #983 - Add IP aliases subnets to interface subnet macro on GUI, since I'm... | Renato Botelho | 2014-07-22 | 1 | -6/+52 |
| * | Convert almost all /sbin/sysctl calls to php functions | Renato Botelho | 2014-07-07 | 1 | -8/+10 |
| * | Fix dscp values and provide a config upgrade to fix values stored in config.x... | Renato Botelho | 2014-06-24 | 1 | -1/+1 |
| * | Merge pull request #1239 from phil-davis/patch-9 | jim-p | 2014-06-20 | 1 | -1/+1 |
| |\ |
|
| | * | Only include a scheduled rule if it is strictly before the end time | Phil Davis | 2014-06-19 | 1 | -1/+1 |
| * | | Remove extra data after space and fix pf rule syntax. It should fix #3688 | Renato Botelho | 2014-06-20 | 1 | -1/+1 |
| * | | Replace some backticks by exec ans simplify commands | Renato Botelho | 2014-06-19 | 1 | -1/+1 |
| |/ |
|
| * | Make logging of pass rules opt-in rather than opt-out | Ermal | 2014-05-27 | 1 | -1/+1 |
| * | Split the setting of logging pass and block into 2 separate settings. Maybe t... | Ermal | 2014-05-27 | 1 | -92/+93 |
| * | Add (self) keyword for specifying "any IP address on this firewall" as a rule... | jim-p | 2014-05-23 | 1 | -0/+6 |
| * | Expose all p0f OS types that it supports so that subtypes of various Operatin... | jim-p | 2014-04-29 | 1 | -1/+1 |
| * | check gateway for IPv6 also for reply-to rules. | PiBa-NL | 2014-04-19 | 1 | -1/+1 |
| * | Switch over to filterlog sooner than later | Ermal | 2014-04-14 | 1 | -13/+3 |
| * | Use proper variable name for the interface | Ermal | 2014-03-28 | 1 | -1/+1 |
| * | Log everything when selected to do so | Ermal | 2014-03-26 | 1 | -93/+93 |
| * | Correct the generation of antifpoof rules with tracker. Also honor the log di... | Ermal | 2014-03-26 | 1 | -4/+3 |
| * | Give each rule hardcoded on the ruleset a tracker so log entries give up prop... | Ermal | 2014-03-26 | 1 | -103/+183 |
| * | Do not garble the error logging message | Ermal | 2014-03-20 | 1 | -3/+4 |
| * | Try to restore last working ruleset rather than staying without configuration... | Ermal | 2014-03-20 | 1 | -6/+11 |
| * | Disable default allow incoming rules for 6to4 and 6rd interfaces. This rule u... | Ermal | 2014-03-17 | 1 | -2/+4 |
| * | Only add dhcpv6 client allow rules if ipv6allow is set | Renato Botelho | 2014-02-18 | 1 | -1/+1 |
| * | Move 'allow dhcpv6 client' rules above block bogonsv6 ones, it should fix #3395 | Renato Botelho | 2014-02-18 | 1 | -15/+18 |
| * | Merge pull request #891 from PiBa-NL/captive_disable | Renato Botelho | 2014-02-18 | 1 | -0/+2 |
| |\ |
|
| | * | captive portal, don't generate rules for disabled portal | PiBa-NL | 2014-01-25 | 1 | -0/+2 |
| * | | Move this global declaration to the proper file rather than backend code | Ermal | 2014-02-17 | 1 | -12/+0 |
| * | | fix syntax | Renato Botelho | 2014-01-02 | 1 | -1/+1 |
| * | | Generate a tracker id for the filter rules for now. Maybe for nat rules as well? | Ermal | 2013-12-31 | 1 | -2/+5 |
| * | | Use _vip as identified for CARP vip IPs to allow easier upgrade code. This wa... | Ermal | 2013-12-06 | 1 | -1/+4 |
| * | | Load only the options and nothing else | Ermal | 2013-12-06 | 1 | -1/+1 |
