summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix displaying the Enable/Disable checkbox. Previously after a save button ↵Ermal2010-05-041-4/+36
| | | | click it will show the old saved value.
* Fix displaying the Enable/Disable checkbox. Previously after a save button ↵Ermal2010-05-041-2/+2
| | | | click it will show the old saved value.
* Add a gitsync option for reverting to the commit used when building the image.Erik Fonnesbeck2010-05-041-6/+17
|
* When 'No RDR' is set, skip some code that does not apply.Erik Fonnesbeck2010-05-041-2/+2
|
* This check is no longer needed here.Erik Fonnesbeck2010-05-041-13/+11
|
* Return if not a supported protocol for reflection.Erik Fonnesbeck2010-05-041-1/+1
|
* 'pass' is not valid with 'no rdr'Erik Fonnesbeck2010-05-041-2/+3
|
* Ticket #491. Fix upgrade code. Since dyndns is considered and array item it ↵Ermal2010-05-041-19/+23
| | | | failed with previous code. Use index of 0 since 1.2.x does not have multiple entries.
* Skip code for generating inetd.conf entries when 'no rdr' is used.Erik Fonnesbeck2010-05-041-17/+21
|
* Ticket #535. Correct from where we get the port number.Ermal2010-05-041-1/+1
|
* Modify reflection code to avoid having duplicate rule generation code for ↵Erik Fonnesbeck2010-05-041-16/+19
| | | | when the protocol is different.
* Reflection can have side effects unexpected to the user with rules using any ↵Erik Fonnesbeck2010-05-041-1/+18
| | | | for destination address, so change any to the interface subnet for reflection rules, which should be closer to the desired behavior in most cases but without the side effect.
* Use the same destination address and port in reflection rules as is used in ↵Erik Fonnesbeck2010-05-031-12/+15
| | | | the port forward's main rule.
* In reflection rules, fix the end of the port range in port range forwards.Erik Fonnesbeck2010-05-031-5/+5
|
* Move the reflection enabled check out of filter_generate_reflection, so this ↵Erik Fonnesbeck2010-05-031-5/+8
| | | | function can be used elsewhere regardless of the system setting for it (in preparation for reflection support on 1:1 NAT mappings).
* Ticket #567. Create an entry on hosts file with the ip address of lan or the ↵Ermal2010-05-031-3/+13
| | | | first inerface ip without a gateway if lan is not present.
* Ticket #565. Correct deleting passthru mac entries. revert back to always ↵Ermal2010-05-031-28/+36
| | | | allow a passthru mac as with allowed ips. Remove the check during login for passthru mac entries they will never make it to the login page.
* Ticket #566. Reimplement the allowed ips keeping previous funcitonality and ↵Ermal2010-05-031-39/+110
| | | | improving by adding a both direction. The problem with previous commit is that it always assumes that allowed ip address would have a pipe configured and entires without one would just get dropped.
* Various fixes for handling of ports in port forwards.Erik Fonnesbeck2010-05-021-12/+17
| | | | | | | - Removed unused $srcport variable. - Moved setting the $protocol variable to after setting the ports, so it can clear the ports variables when using non-tcp/udp protocols. - Handle a couple extra possible cases for local port.
* Moving reflection's interface listing code to its own function, for use in ↵Erik Fonnesbeck2010-05-021-13/+27
| | | | future NAT reflection improvements.
* Fix a check for "any" in port forwards.Erik Fonnesbeck2010-05-021-1/+1
|
* Display some extra information about the available wireless channels.Erik Fonnesbeck2010-05-021-1/+24
|
* Remove check that prevented bugs from happening. Now all code paths are safe ↵Ermal2010-04-301-13/+0
| | | | from this.
* Remove unused function.Ermal2010-04-301-19/+0
|
* Ticket #506. Correctly save dynamic gateways extra parameters.Ermal2010-04-302-8/+10
|
* Add upgrade code for values of "Interface address" and "any" for the ↵Erik Fonnesbeck2010-04-301-0/+7
| | | | external address of port forwards. Ticket #561
* Unbreak this. Seems it needs to be filter for the rules to work.Ermal2010-04-301-1/+1
|
* Make sure package rules are last. As the way they are coded they will null ↵Ermal2010-04-301-2/+2
| | | | out entire rulesets. More work is needed to make them 2.0 comliant but for now this is enough.
* Actually minimum weight is 1.Ermal2010-04-301-1/+1
|
* Allow for each gateway a weight to be choosen if the gateway has to be used ↵Ermal2010-04-302-16/+17
| | | | in Gateway groups. This will create that many entries in the route-to statement as the weight says.
* Use nobind for OVPN client when no local port and/or no local interface is ↵pierrepomes2010-04-291-3/+5
| | | | requested. Ticket #282
* Always generate macros so ruleset does not fail even when the gateway has no ↵Ermal2010-04-291-2/+5
| | | | members.
* Generate gateways as macros and then just substitute them during the rules. ↵Ermal2010-04-291-61/+66
| | | | This allows optimizations and features as repeating the same gateway more than one to be done.
* Reload gateway groups when changing them.Ermal2010-04-291-1/+0
|
* Improve NAT Port ForwardingRenato Botelho2010-04-294-431/+466
| | | | | | | | | | | | | | New features available are: * Now you can disable a rule * You can define "no rdr" rules * Source type, address and port, with an option "not" for exceptions * Destination type, address and port, with an option "not" for exceptions Implemented by: Carlos Eduardo Ramos <carlos.ramos@bluepex.com> Renato Botelho <renato.botelho@bluepex.com> Vinicius Coque <vinicius.coque@bluepex.com> Reviewed by: cmb and efonne Sponsored by: BluePex Security Solutions
* Default to and display the last used repository URL in gitsync.Erik Fonnesbeck2010-04-291-0/+8
|
* Add gitsync support for merging from other repositories.Erik Fonnesbeck2010-04-291-0/+26
|
* Allow gitsync to properly switch branches or repositories. Resolves #523Erik Fonnesbeck2010-04-291-17/+7
|
* Resolves #554. Correct path to tftp-proxy.Ermal2010-04-291-1/+1
|
* The console menu does not show if the terminal type is not cons25 - not sure ↵Erik Fonnesbeck2010-04-281-2/+2
| | | | why. Changed to cons25 to allow the menu to work on the serial console when enabling it through the web GUI. Ticket #316
* Fix OpenVPN upgrade code for lzo compression. Resolves #280, mentioned also ↵jim-p2010-04-281-2/+2
| | | | in Ticket #482.
* Fix apparent typo in IPsec upgrade code which broke the user_fqdn identity type.jim-p2010-04-281-2/+2
|
* Ticket #507. Do not remove all static routes to readd them back. The change ↵Ermal2010-04-282-97/+44
| | | | will never delete a rule but define the action to be taken on it, either add or change a present route. Be consinstent on gateways allowed to be selected as destinations for static routes, including dynamic gateways.
* Fix typo in commentpierrepomes2010-04-271-1/+1
|
* Ticket #471. Bring up the removed/unassigned interface correctly if it is ↵Ermal2010-04-271-7/+2
| | | | parent to other interfaces, as vlans.
* Ticket #449. Actually save something to read back.Ermal2010-04-271-0/+1
|
* Ticket #449. Bring back the check if there is really an ip change on ↵Ermal2010-04-271-2/+9
| | | | interface event. This avoids reloading openvpn and other sevices when actually there is no change.
* Ticket #540. Do not require VJ compression with todays link speeds it ↵Ermal2010-04-271-1/+1
| | | | pessimizes more than helps.
* Move these functions to a more central location. Part of ticket #496jim-p2010-04-271-0/+163
|
* Ticket #389. Correctly make the ldap object picker work and handle various ↵Ermal2010-04-271-8/+8
| | | | errors.
OpenPOWER on IntegriCloud