aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/config/firewall/Makefile
Commit message (Collapse)AuthorAgeFilesLines
* firewall: update to git headJo-Philipp Wich2013-07-161-2/+2
| | | | | | - handles redirects as port relocations if the dest_ip points to the router itself SVN-Revision: 37374
* firewall: add missing dependenciesFelix Fietkau2013-07-101-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 37224
* firewall: allow routed lan<->lan traffic by defaultJo-Philipp Wich2013-07-041-1/+1
| | | | SVN-Revision: 37171
* firewall: update to git headJo-Philipp Wich2013-06-291-2/+2
| | | | | | - uses custom formatting for mac addresses to ensure leading zeroes, required for older iptables mac match parser SVN-Revision: 37082
* firewall: update to git headJo-Philipp Wich2013-06-181-2/+2
| | | | | | - fixes misprocessing of unknown symbolic protocol names SVN-Revision: 36963
* firewall: update to git headJo-Philipp Wich2013-06-181-2/+2
| | | | | | - fixes calculation of IPv4 netmasks derived from 0.0.0.0/0 CIDRs SVN-Revision: 36960
* firewall: update to git headJo-Philipp Wich2013-06-131-2/+2
| | | | | | - properly process intermediate "!" options in argument list (fixes negated ipsets) SVN-Revision: 36935
* firewall: update to git headJo-Philipp Wich2013-06-131-2/+2
| | | | | | - fixes handling of reject target for rule sections with specific destination zone SVN-Revision: 36933
* firewall: udpate to git head (#13652, #13654, #13658)Jo-Philipp Wich2013-06-061-2/+2
| | | | | | | | | - optimizes chain usage for ingress rules - adds limit match support for redirect rules - fixes automatic redirect dest detection on little endian systems - leaves base chains in place on reload to allow user rules to target e.g. "reject" SVN-Revision: 36871
* firewall: copy libext*.a from staging dir and drop kernel.mk includes, ↵Jo-Philipp Wich2013-06-061-4/+1
| | | | | | solves problem with colliding CONFIG_IPV6 symbols SVN-Revision: 36868
* firewall: update to git head (#13652)Jo-Philipp Wich2013-06-051-2/+2
| | | | | | | - simplifies using ipsets for rules and redirects, match direction can be specified in-place like option ipset 'setname src dst dst' - uses zone_name_src_ACTION chains for input rules, this fixes logging with log enabled src zones SVN-Revision: 36854
* firewall3: fix accidentally changed install directiveJo-Philipp Wich2013-06-041-1/+1
| | | | SVN-Revision: 36840
* firewall: fix git source urlJo-Philipp Wich2013-06-041-1/+1
| | | | SVN-Revision: 36839
* firewall3: rename to firewall, move into base system menu, update to git ↵Jo-Philipp Wich2013-06-041-0/+66
| | | | | | head with compatibility fixes for AA SVN-Revision: 36838
* Drop legacy firewall packageJo-Philipp Wich2013-06-041-58/+0
| | | | SVN-Revision: 36837
* firewall: Remove obsoleted ULA-border ruleSteven Barth2013-05-131-1/+1
| | | | SVN-Revision: 36622
* firewall: fix logging rule regression (#12999)Jo-Philipp Wich2013-02-221-1/+1
| | | | SVN-Revision: 35745
* firewall: various enhancementsJo-Philipp Wich2013-02-041-1/+1
| | | | | | | | | | | | - reduce mssfix related log spam (#10681) - separate src and dest terminal chains (#11453, #12945) - disable per-zone custom chains by default, they're rarely used Additionally introduce options "device", "subnet", "extra", "extra_src" and "extra_dest" to allow defining zones not related to uci interfaces, e.g. to match "ppp+" or any tcp traffic to and from a specific port. SVN-Revision: 35484
* firewall: flush conntrack table after changing interface rulesJo-Philipp Wich2013-01-281-2/+2
| | | | SVN-Revision: 35348
* firewall: Add ULA site border for IPv6 traffic This prevents private traffic ↵Steven Barth2013-01-041-1/+1
| | | | | | from leaking out to the internet SVN-Revision: 35012
* firewall: fix typo in reflection hotplug scriptJo-Philipp Wich2012-12-071-1/+1
| | | | SVN-Revision: 34569
* firewall: extend nat reflection supportJo-Philipp Wich2012-12-041-1/+1
| | | | | | | | - use comment match to keep track of per-network rules - setup reflection for any interface which is part of a masqueraded zone, not just "wan" - delete per-network reflection rules if network is brought down SVN-Revision: 34472
* packages: sort network related packages into package/network/Felix Fietkau2012-10-101-0/+58
SVN-Revision: 33688
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 17:02:31 +0000