Alexander Marx [Fri, 15 Feb 2013 05:21:00 +0000 (06:21 +0100)]
Forward Firewall: Changed "apply" button to be more eye-catching (red font)
also some minor bugfixes (The last entry in a used group can not be deleted)
Alexander Marx [Wed, 13 Feb 2013 12:31:55 +0000 (13:31 +0100)]
Forward Firewall: added "apply" button to groupmanagement. Now the user can make all changes and finally click apply button to reread firewallrules.
Also added a comment in de.pl and en.pl which should remiond the user to click the button.
Alexander Marx [Thu, 7 Feb 2013 12:17:25 +0000 (13:17 +0100)]
Forward Firewall: changed sortorder of servicedropdown in servicegrouping.
catched F5 when editing a host-Now no entry is saved
in customhosts table theres only the IP shown (deleted subnet)
Alexander Marx [Wed, 30 Jan 2013 08:14:01 +0000 (09:14 +0100)]
Forward Firewall: deleted mode0, added default Mode2 and fixed /etc/init.d/firewall to reload the rules correctly on reload. Also made it possible to create broadcastrules (To drop broadcastpackets)
Alexander Marx [Mon, 21 Jan 2013 20:26:44 +0000 (21:26 +0100)]
Forward Firewall: minor improvements, if an outgoingrule has a given port and prot "all", there are two new rules generated for UDP and TCP.
If an outgoingrule has only "all" as prot, but no port, there's only one new rule created
Alexander Marx [Sun, 20 Jan 2013 04:54:04 +0000 (05:54 +0100)]
Forward Firewall: edited Backup.pl. If someone put /var/ipfire/outgoing into /var/ipfire/backup/include, the rules are backed up and need to be restored.
Now the backup takes care of this and checks if there are old rules to convert.
Alexander Marx [Sat, 19 Jan 2013 20:21:18 +0000 (21:21 +0100)]
Forward Firewall: edited convert-outgoingfw.
When a Protocol ESP or GRE is used AND a Port is selected (in old system), the rule was not converted successfully.
Alexander Marx [Sat, 19 Jan 2013 19:51:12 +0000 (20:51 +0100)]
Forward Firewall: Minor changes...
1) improved convert-outgoingfw. source was wrong when tun+ interface
2) target had always a ":" in ruletable
3) convert-outgoingfw bugfix: ports where not cleared for next rule
Alexander Marx [Fri, 18 Jan 2013 09:58:33 +0000 (10:58 +0100)]
Forward Firewall: Edited Backup.pl so that any old backups get converted to new firewall. Afterwards the directories /var/ipfire/outgoing and /var/ipfire/xtaccess are removed!
Alexander Marx [Fri, 18 Jan 2013 09:18:25 +0000 (10:18 +0100)]
Forward Firewall: Bugfix: when editing an rule, the default ACTION (ACCEPT,DROP,REJECT) was set depending on Firewallmode. Now it checks, if a rule is edited and value is set to rule action
Alexander Marx [Fri, 18 Jan 2013 07:35:25 +0000 (08:35 +0100)]
Forward Firewall: added converters for old exaccess rules and old rules from outgoingfw and old firewallgroups.
Also fixed a Bug: Day SUN was not checked when in rule-edit mode
Alexander Marx [Mon, 14 Jan 2013 12:56:36 +0000 (13:56 +0100)]
Forward Firewall: BUGFIX: When editing a rule and changing position, no other changes where saved.
added the DMZHOLES Rule to init.d/firewall (but chnaged DMZHOLES to FORWARDFW
Alexander Marx [Thu, 10 Jan 2013 11:17:30 +0000 (12:17 +0100)]
Forward Firewall: edited /src/initscripts/init.d/firewall and misc-progs/wirelessctrl.c
added WIRELESSFORWARD to FORWARDFW (instead of FORWARD) so that rules work
commented out DMZHOLES lines in wirelessctrl.c to get rid of booterrormessages (There's no DMZHOLES anymore)
Alexander Marx [Wed, 9 Jan 2013 09:22:32 +0000 (10:22 +0100)]
Forward Firewall: fixed 12 Bugs from forum.
1) Added more possible chars in remark: : / .
2) Added "Internet" to std networks to be able to define internetaccess
3) When renaming a custom address, the firewallrules get updated
4) Ports are now ignored when using GRE as Protocol
5) When saving a customservice, the cursor is now in first textfield
6) Added a customservices file to installation with predefined services
7) Added ESP as protocol
8) Fixed counterproblem
9) Dropdownboxes for customservices and groups now sorted
10) Firewallrules now sorted in right order
11) fixed a Bug when defining manual address in source and target, the hint message is no longer displayed
12) When defining an external access rule, the last forwardrule was deleted
Alexander Marx [Tue, 8 Jan 2013 10:20:39 +0000 (11:20 +0100)]
Forward firewall: commented out line in init.d/firewall that all Forward traffic from green is allowed and put it in rules.pl. Now rules.pl allows this traffic when firewall is set to Mode0 or Mode2