summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Bring back IPsec PSK Tab/Edit. Part of ticket #108. Still needs backend code ↵jim-p2010-05-061-0/+10
| | | | to use the resulting keys.
* Enable even xmlwriter module.Ermal2010-05-061-0/+1
|
* Ticket #320. Use xmlreader and xmlwriter to read/write xml since it encodes ↵Ermal2010-05-061-71/+63
| | | | decodes itself special chars.
* Add client-to-client to OpenVPN server config if the option is checked. ↵jim-p2010-05-061-0/+3
| | | | Resolves #572.
* Fix upgrade code for port forwards with "Interface address" set on external ↵Erik Fonnesbeck2010-05-061-1/+2
| | | | address. Ticket #561
* Correct file_notice usage.Ermal2010-05-061-1/+1
|
* Fix the empty array check, a empty load balancer tag has a value of 1, not 0.Seth Mos2010-05-061-1/+1
|
* Do not trip with configuration upgrades on a empty load balancer tag.Seth Mos2010-05-061-1/+2
|
* Fix the regular expression used in filter_generate_address for OPT subnet so ↵Erik Fonnesbeck2010-05-061-1/+1
| | | | that it only matches the case intended. Ticket #571
* Revert last commit .. This might not work on NanoScott Ullrich2010-05-051-1/+1
|
* Use mount -a instead of -uw Ticket #444Scott Ullrich2010-05-051-1/+1
|
* Ticket #511. Do not penailize other packages if rules of one package are ↵Ermal2010-05-051-4/+8
| | | | erroneous during package rule generation.
* Implement tcp flags and sloppy state on the GUI.Ermal2010-05-051-15/+42
|
* The gui defaults to https in 2.0 correct it to make sure it is not stopped ↵Ermal2010-05-051-3/+3
| | | | by CP on the CP interface[s].
* Put all of these lines in the block under this condition and remove the ↵Erik Fonnesbeck2010-05-041-4/+2
| | | | irrelevant comment.
* Fix displaying the Enable/Disable checkbox. Previously after a save button ↵Ermal2010-05-041-4/+36
| | | | click it will show the old saved value.
* Fix displaying the Enable/Disable checkbox. Previously after a save button ↵Ermal2010-05-041-2/+2
| | | | click it will show the old saved value.
* Add a gitsync option for reverting to the commit used when building the image.Erik Fonnesbeck2010-05-041-6/+17
|
* When 'No RDR' is set, skip some code that does not apply.Erik Fonnesbeck2010-05-041-2/+2
|
* This check is no longer needed here.Erik Fonnesbeck2010-05-041-13/+11
|
* Return if not a supported protocol for reflection.Erik Fonnesbeck2010-05-041-1/+1
|
* 'pass' is not valid with 'no rdr'Erik Fonnesbeck2010-05-041-2/+3
|
* Ticket #491. Fix upgrade code. Since dyndns is considered and array item it ↵Ermal2010-05-041-19/+23
| | | | failed with previous code. Use index of 0 since 1.2.x does not have multiple entries.
* Skip code for generating inetd.conf entries when 'no rdr' is used.Erik Fonnesbeck2010-05-041-17/+21
|
* Ticket #535. Correct from where we get the port number.Ermal2010-05-041-1/+1
|
* Modify reflection code to avoid having duplicate rule generation code for ↵Erik Fonnesbeck2010-05-041-16/+19
| | | | when the protocol is different.
* Reflection can have side effects unexpected to the user with rules using any ↵Erik Fonnesbeck2010-05-041-1/+18
| | | | for destination address, so change any to the interface subnet for reflection rules, which should be closer to the desired behavior in most cases but without the side effect.
* Use the same destination address and port in reflection rules as is used in ↵Erik Fonnesbeck2010-05-031-12/+15
| | | | the port forward's main rule.
* In reflection rules, fix the end of the port range in port range forwards.Erik Fonnesbeck2010-05-031-5/+5
|
* Move the reflection enabled check out of filter_generate_reflection, so this ↵Erik Fonnesbeck2010-05-031-5/+8
| | | | function can be used elsewhere regardless of the system setting for it (in preparation for reflection support on 1:1 NAT mappings).
* Ticket #567. Create an entry on hosts file with the ip address of lan or the ↵Ermal2010-05-031-3/+13
| | | | first inerface ip without a gateway if lan is not present.
* Ticket #565. Correct deleting passthru mac entries. revert back to always ↵Ermal2010-05-031-28/+36
| | | | allow a passthru mac as with allowed ips. Remove the check during login for passthru mac entries they will never make it to the login page.
* Ticket #566. Reimplement the allowed ips keeping previous funcitonality and ↵Ermal2010-05-031-39/+110
| | | | improving by adding a both direction. The problem with previous commit is that it always assumes that allowed ip address would have a pipe configured and entires without one would just get dropped.
* Various fixes for handling of ports in port forwards.Erik Fonnesbeck2010-05-021-12/+17
| | | | | | | - Removed unused $srcport variable. - Moved setting the $protocol variable to after setting the ports, so it can clear the ports variables when using non-tcp/udp protocols. - Handle a couple extra possible cases for local port.
* Moving reflection's interface listing code to its own function, for use in ↵Erik Fonnesbeck2010-05-021-13/+27
| | | | future NAT reflection improvements.
* Fix a check for "any" in port forwards.Erik Fonnesbeck2010-05-021-1/+1
|
* Display some extra information about the available wireless channels.Erik Fonnesbeck2010-05-021-1/+24
|
* Remove check that prevented bugs from happening. Now all code paths are safe ↵Ermal2010-04-301-13/+0
| | | | from this.
* Remove unused function.Ermal2010-04-301-19/+0
|
* Ticket #506. Correctly save dynamic gateways extra parameters.Ermal2010-04-302-8/+10
|
* Add upgrade code for values of "Interface address" and "any" for the ↵Erik Fonnesbeck2010-04-301-0/+7
| | | | external address of port forwards. Ticket #561
* Unbreak this. Seems it needs to be filter for the rules to work.Ermal2010-04-301-1/+1
|
* Make sure package rules are last. As the way they are coded they will null ↵Ermal2010-04-301-2/+2
| | | | out entire rulesets. More work is needed to make them 2.0 comliant but for now this is enough.
* Actually minimum weight is 1.Ermal2010-04-301-1/+1
|
* Allow for each gateway a weight to be choosen if the gateway has to be used ↵Ermal2010-04-302-16/+17
| | | | in Gateway groups. This will create that many entries in the route-to statement as the weight says.
* Use nobind for OVPN client when no local port and/or no local interface is ↵pierrepomes2010-04-291-3/+5
| | | | requested. Ticket #282
* Always generate macros so ruleset does not fail even when the gateway has no ↵Ermal2010-04-291-2/+5
| | | | members.
* Generate gateways as macros and then just substitute them during the rules. ↵Ermal2010-04-291-61/+66
| | | | This allows optimizations and features as repeating the same gateway more than one to be done.
* Reload gateway groups when changing them.Ermal2010-04-291-1/+0
|
* Improve NAT Port ForwardingRenato Botelho2010-04-294-431/+466
| | | | | | | | | | | | | | New features available are: * Now you can disable a rule * You can define "no rdr" rules * Source type, address and port, with an option "not" for exceptions * Destination type, address and port, with an option "not" for exceptions Implemented by: Carlos Eduardo Ramos <carlos.ramos@bluepex.com> Renato Botelho <renato.botelho@bluepex.com> Vinicius Coque <vinicius.coque@bluepex.com> Reviewed by: cmb and efonne Sponsored by: BluePex Security Solutions
OpenPOWER on IntegriCloud