Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Bring back IPsec PSK Tab/Edit. Part of ticket #108. Still needs backend code ↵ | jim-p | 2010-05-06 | 1 | -0/+10 |
| | | | | to use the resulting keys. | ||||
* | Enable even xmlwriter module. | Ermal | 2010-05-06 | 1 | -0/+1 |
| | |||||
* | Ticket #320. Use xmlreader and xmlwriter to read/write xml since it encodes ↵ | Ermal | 2010-05-06 | 1 | -71/+63 |
| | | | | decodes itself special chars. | ||||
* | Add client-to-client to OpenVPN server config if the option is checked. ↵ | jim-p | 2010-05-06 | 1 | -0/+3 |
| | | | | Resolves #572. | ||||
* | Fix upgrade code for port forwards with "Interface address" set on external ↵ | Erik Fonnesbeck | 2010-05-06 | 1 | -1/+2 |
| | | | | address. Ticket #561 | ||||
* | Correct file_notice usage. | Ermal | 2010-05-06 | 1 | -1/+1 |
| | |||||
* | Fix the empty array check, a empty load balancer tag has a value of 1, not 0. | Seth Mos | 2010-05-06 | 1 | -1/+1 |
| | |||||
* | Do not trip with configuration upgrades on a empty load balancer tag. | Seth Mos | 2010-05-06 | 1 | -1/+2 |
| | |||||
* | Fix the regular expression used in filter_generate_address for OPT subnet so ↵ | Erik Fonnesbeck | 2010-05-06 | 1 | -1/+1 |
| | | | | that it only matches the case intended. Ticket #571 | ||||
* | Revert last commit .. This might not work on Nano | Scott Ullrich | 2010-05-05 | 1 | -1/+1 |
| | |||||
* | Use mount -a instead of -uw Ticket #444 | Scott Ullrich | 2010-05-05 | 1 | -1/+1 |
| | |||||
* | Ticket #511. Do not penailize other packages if rules of one package are ↵ | Ermal | 2010-05-05 | 1 | -4/+8 |
| | | | | erroneous during package rule generation. | ||||
* | Implement tcp flags and sloppy state on the GUI. | Ermal | 2010-05-05 | 1 | -15/+42 |
| | |||||
* | The gui defaults to https in 2.0 correct it to make sure it is not stopped ↵ | Ermal | 2010-05-05 | 1 | -3/+3 |
| | | | | by CP on the CP interface[s]. | ||||
* | Put all of these lines in the block under this condition and remove the ↵ | Erik Fonnesbeck | 2010-05-04 | 1 | -4/+2 |
| | | | | irrelevant comment. | ||||
* | Fix displaying the Enable/Disable checkbox. Previously after a save button ↵ | Ermal | 2010-05-04 | 1 | -4/+36 |
| | | | | click it will show the old saved value. | ||||
* | Fix displaying the Enable/Disable checkbox. Previously after a save button ↵ | Ermal | 2010-05-04 | 1 | -2/+2 |
| | | | | click it will show the old saved value. | ||||
* | Add a gitsync option for reverting to the commit used when building the image. | Erik Fonnesbeck | 2010-05-04 | 1 | -6/+17 |
| | |||||
* | When 'No RDR' is set, skip some code that does not apply. | Erik Fonnesbeck | 2010-05-04 | 1 | -2/+2 |
| | |||||
* | This check is no longer needed here. | Erik Fonnesbeck | 2010-05-04 | 1 | -13/+11 |
| | |||||
* | Return if not a supported protocol for reflection. | Erik Fonnesbeck | 2010-05-04 | 1 | -1/+1 |
| | |||||
* | 'pass' is not valid with 'no rdr' | Erik Fonnesbeck | 2010-05-04 | 1 | -2/+3 |
| | |||||
* | Ticket #491. Fix upgrade code. Since dyndns is considered and array item it ↵ | Ermal | 2010-05-04 | 1 | -19/+23 |
| | | | | failed with previous code. Use index of 0 since 1.2.x does not have multiple entries. | ||||
* | Skip code for generating inetd.conf entries when 'no rdr' is used. | Erik Fonnesbeck | 2010-05-04 | 1 | -17/+21 |
| | |||||
* | Ticket #535. Correct from where we get the port number. | Ermal | 2010-05-04 | 1 | -1/+1 |
| | |||||
* | Modify reflection code to avoid having duplicate rule generation code for ↵ | Erik Fonnesbeck | 2010-05-04 | 1 | -16/+19 |
| | | | | when the protocol is different. | ||||
* | Reflection can have side effects unexpected to the user with rules using any ↵ | Erik Fonnesbeck | 2010-05-04 | 1 | -1/+18 |
| | | | | for destination address, so change any to the interface subnet for reflection rules, which should be closer to the desired behavior in most cases but without the side effect. | ||||
* | Use the same destination address and port in reflection rules as is used in ↵ | Erik Fonnesbeck | 2010-05-03 | 1 | -12/+15 |
| | | | | the port forward's main rule. | ||||
* | In reflection rules, fix the end of the port range in port range forwards. | Erik Fonnesbeck | 2010-05-03 | 1 | -5/+5 |
| | |||||
* | Move the reflection enabled check out of filter_generate_reflection, so this ↵ | Erik Fonnesbeck | 2010-05-03 | 1 | -5/+8 |
| | | | | function can be used elsewhere regardless of the system setting for it (in preparation for reflection support on 1:1 NAT mappings). | ||||
* | Ticket #567. Create an entry on hosts file with the ip address of lan or the ↵ | Ermal | 2010-05-03 | 1 | -3/+13 |
| | | | | first inerface ip without a gateway if lan is not present. | ||||
* | Ticket #565. Correct deleting passthru mac entries. revert back to always ↵ | Ermal | 2010-05-03 | 1 | -28/+36 |
| | | | | allow a passthru mac as with allowed ips. Remove the check during login for passthru mac entries they will never make it to the login page. | ||||
* | Ticket #566. Reimplement the allowed ips keeping previous funcitonality and ↵ | Ermal | 2010-05-03 | 1 | -39/+110 |
| | | | | improving by adding a both direction. The problem with previous commit is that it always assumes that allowed ip address would have a pipe configured and entires without one would just get dropped. | ||||
* | Various fixes for handling of ports in port forwards. | Erik Fonnesbeck | 2010-05-02 | 1 | -12/+17 |
| | | | | | | | - Removed unused $srcport variable. - Moved setting the $protocol variable to after setting the ports, so it can clear the ports variables when using non-tcp/udp protocols. - Handle a couple extra possible cases for local port. | ||||
* | Moving reflection's interface listing code to its own function, for use in ↵ | Erik Fonnesbeck | 2010-05-02 | 1 | -13/+27 |
| | | | | future NAT reflection improvements. | ||||
* | Fix a check for "any" in port forwards. | Erik Fonnesbeck | 2010-05-02 | 1 | -1/+1 |
| | |||||
* | Display some extra information about the available wireless channels. | Erik Fonnesbeck | 2010-05-02 | 1 | -1/+24 |
| | |||||
* | Remove check that prevented bugs from happening. Now all code paths are safe ↵ | Ermal | 2010-04-30 | 1 | -13/+0 |
| | | | | from this. | ||||
* | Remove unused function. | Ermal | 2010-04-30 | 1 | -19/+0 |
| | |||||
* | Ticket #506. Correctly save dynamic gateways extra parameters. | Ermal | 2010-04-30 | 2 | -8/+10 |
| | |||||
* | Add upgrade code for values of "Interface address" and "any" for the ↵ | Erik Fonnesbeck | 2010-04-30 | 1 | -0/+7 |
| | | | | external address of port forwards. Ticket #561 | ||||
* | Unbreak this. Seems it needs to be filter for the rules to work. | Ermal | 2010-04-30 | 1 | -1/+1 |
| | |||||
* | Make sure package rules are last. As the way they are coded they will null ↵ | Ermal | 2010-04-30 | 1 | -2/+2 |
| | | | | out entire rulesets. More work is needed to make them 2.0 comliant but for now this is enough. | ||||
* | Actually minimum weight is 1. | Ermal | 2010-04-30 | 1 | -1/+1 |
| | |||||
* | Allow for each gateway a weight to be choosen if the gateway has to be used ↵ | Ermal | 2010-04-30 | 2 | -16/+17 |
| | | | | in Gateway groups. This will create that many entries in the route-to statement as the weight says. | ||||
* | Use nobind for OVPN client when no local port and/or no local interface is ↵ | pierrepomes | 2010-04-29 | 1 | -3/+5 |
| | | | | requested. Ticket #282 | ||||
* | Always generate macros so ruleset does not fail even when the gateway has no ↵ | Ermal | 2010-04-29 | 1 | -2/+5 |
| | | | | members. | ||||
* | Generate gateways as macros and then just substitute them during the rules. ↵ | Ermal | 2010-04-29 | 1 | -61/+66 |
| | | | | This allows optimizations and features as repeating the same gateway more than one to be done. | ||||
* | Reload gateway groups when changing them. | Ermal | 2010-04-29 | 1 | -1/+0 |
| | |||||
* | Improve NAT Port Forwarding | Renato Botelho | 2010-04-29 | 4 | -431/+466 |
| | | | | | | | | | | | | | | New features available are: * Now you can disable a rule * You can define "no rdr" rules * Source type, address and port, with an option "not" for exceptions * Destination type, address and port, with an option "not" for exceptions Implemented by: Carlos Eduardo Ramos <carlos.ramos@bluepex.com> Renato Botelho <renato.botelho@bluepex.com> Vinicius Coque <vinicius.coque@bluepex.com> Reviewed by: cmb and efonne Sponsored by: BluePex Security Solutions |