people/teissler/ipfire-2.x.git
8 years agoForward Firewall: Now all customhosts are colored correctly in ruletable. Also the...
Alexander Marx [Wed, 14 Aug 2013 10:51:21 +0000 (12:51 +0200)] 
Forward Firewall: Now all customhosts are colored correctly in ruletable. Also the ip addresses in firewall-groups (hosts) are colored correctly if they are part of green,orange,blue,openvpn or ipsec

8 years agoForward Firewall: BUGFIX: when having more than 10 hosts/networks in a firewall-group...
Alexander Marx [Wed, 14 Aug 2013 07:06:38 +0000 (09:06 +0200)] 
Forward Firewall: BUGFIX: when having more than 10 hosts/networks in a firewall-groups group, the table was not shown correctly

8 years agoForward Firewall: BUG: when creating a new group in firewall-groups with the same...
Alexander Marx [Tue, 13 Aug 2013 14:00:32 +0000 (16:00 +0200)] 
Forward Firewall: BUG: when creating a new group in firewall-groups with the same name as an existing group, the line "no rule defined" was added.
BUG: THe line "no rules defined" is now "no entries in this group".

8 years agoForward Firewall: Modified the Message to reread firewallrules in p2p-block.cgi....
Alexander Marx [Tue, 13 Aug 2013 11:58:48 +0000 (13:58 +0200)] 
Forward Firewall: Modified the Message to reread firewallrules in p2p-block.cgi. This is now the same as in forwardfw.cgi and fwhost.cgi

8 years agoForward Firewall: edited GPL-header
Alexander Marx [Tue, 13 Aug 2013 11:47:27 +0000 (13:47 +0200)] 
Forward Firewall: edited GPL-header

8 years agoForward Firewall: added GPL header to all files
Alexander Marx [Tue, 13 Aug 2013 10:44:01 +0000 (12:44 +0200)] 
Forward Firewall: added GPL header to all files

8 years agoForward Firewall: added /var/ipfire/forward/bin to backup-exclude script
Alexander Marx [Mon, 12 Aug 2013 13:53:16 +0000 (15:53 +0200)] 
Forward Firewall: added /var/ipfire/forward/bin to backup-exclude script

8 years agoinitscripts: Reset links that reload the firewall after RED connected.
Michael Tremer [Mon, 12 Aug 2013 12:45:07 +0000 (14:45 +0200)] 
initscripts: Reset links that reload the firewall after RED connected.

8 years agoforwardctrl: Remove unused and possibly dangerous flush option.
Michael Tremer [Mon, 12 Aug 2013 12:42:16 +0000 (14:42 +0200)] 
forwardctrl: Remove unused and possibly dangerous flush option.

Also remove unused header files.

8 years agoFirewall: Fix spelling of service names in custom services.
Michael Tremer [Mon, 12 Aug 2013 12:39:34 +0000 (14:39 +0200)] 
Firewall: Fix spelling of service names in custom services.

8 years agoMerge remote-tracking branch 'ms/firewall-new' into firewall
Alexander Marx [Mon, 12 Aug 2013 11:30:45 +0000 (13:30 +0200)] 
Merge remote-tracking branch 'ms/firewall-new' into firewall

8 years agoMerge remote-tracking branch 'origin/next'
Arne Fitzenreiter [Sun, 11 Aug 2013 09:51:40 +0000 (11:51 +0200)] 
Merge remote-tracking branch 'origin/next'

8 years agoclose core72.
Arne Fitzenreiter [Sun, 11 Aug 2013 09:50:50 +0000 (11:50 +0200)] 
close core72.

8 years agocore72: start ipsec only if enabled after update.
Arne Fitzenreiter [Sun, 11 Aug 2013 07:46:16 +0000 (09:46 +0200)] 
core72: start ipsec only if enabled after update.

8 years agocore72: allow to update "ovpn verify script".
Arne Fitzenreiter [Sun, 11 Aug 2013 07:40:54 +0000 (09:40 +0200)] 
core72: allow to update "ovpn verify script".

Don't forget to readd this exclude to next core updater to prevent overwrite
the user ca at a openvpn update.

8 years agocore72: add ovpnmain.cgi to update.
Arne Fitzenreiter [Sun, 11 Aug 2013 07:40:03 +0000 (09:40 +0200)] 
core72: add ovpnmain.cgi to update.

8 years agocore72: stop/start squid while update.
Arne Fitzenreiter [Sun, 11 Aug 2013 07:34:52 +0000 (09:34 +0200)] 
core72: stop/start squid while update.

8 years agocore72: add language files to update.
Arne Fitzenreiter [Sun, 11 Aug 2013 07:33:25 +0000 (09:33 +0200)] 
core72: add language files to update.

9 years agosnort: update to 2.9.5.3.
Arne Fitzenreiter [Sat, 10 Aug 2013 18:10:00 +0000 (20:10 +0200)] 
snort: update to 2.9.5.3.

9 years agodaq: update to 2.0.1.
Arne Fitzenreiter [Sat, 10 Aug 2013 18:09:03 +0000 (20:09 +0200)] 
daq: update to 2.0.1.

9 years agosnort: enable non-ether-decoder for ppp support.
Arne Fitzenreiter [Sat, 10 Aug 2013 16:48:16 +0000 (18:48 +0200)] 
snort: enable non-ether-decoder for ppp support.

9 years agotor.cgi: Remove NoAdvertise option.
Michael Tremer [Sat, 10 Aug 2013 10:14:29 +0000 (12:14 +0200)] 
tor.cgi: Remove NoAdvertise option.

This does not make much sense with our setup.

9 years agoOpenVPN verify: Fix login for RW clients with >= 2 spaces in name.
Michael Tremer [Sat, 10 Aug 2013 09:08:25 +0000 (11:08 +0200)] 
OpenVPN verify: Fix login for RW clients with >= 2 spaces in name.

http://forum.ipfire.org/index.php?topic=8702.0

9 years agoUpdate translations.
Michael Tremer [Fri, 9 Aug 2013 12:50:50 +0000 (14:50 +0200)] 
Update translations.

9 years agogeneral-functions.pl: Fix overwritten substitutions.
Michael Tremer [Mon, 5 Aug 2013 07:32:46 +0000 (09:32 +0200)] 
general-functions.pl: Fix overwritten substitutions.

9 years agoForward Firewall: deleted unused warning message regarding mac addresses
Alexander Marx [Fri, 2 Aug 2013 05:55:44 +0000 (07:55 +0200)] 
Forward Firewall: deleted unused warning message regarding mac addresses

9 years agofirewall: Language updates (English and German).
Michael Tremer [Wed, 31 Jul 2013 13:47:25 +0000 (15:47 +0200)] 
firewall: Language updates (English and German).

9 years agofirewall: Add TOR chains.
Michael Tremer [Wed, 31 Jul 2013 12:31:18 +0000 (14:31 +0200)] 
firewall: Add TOR chains.

9 years agoForward Firewall: Network addresses are now allowed as source and the ip addressfield...
Alexander Marx [Wed, 31 Jul 2013 06:28:29 +0000 (08:28 +0200)] 
Forward Firewall: Network addresses are now allowed as source and the ip addressfield has now size 18.

9 years agoForward Firewall: changed rule coloring. Now whole field is colored instead of just...
Alexander Marx [Tue, 30 Jul 2013 10:32:25 +0000 (12:32 +0200)] 
Forward Firewall: changed rule coloring. Now whole field is colored instead of just borders. Back Button in firewall groups /hostgroups showed a white site

9 years agoForward Firewall: Bugfix: ICMP rules where applied double
Alexander Marx [Thu, 25 Jul 2013 08:36:36 +0000 (10:36 +0200)] 
Forward Firewall: Bugfix: ICMP rules where applied double

9 years agoForward FIrewall: Bugfix: When using predefined services in rulecreation, the rule...
Alexander Marx [Thu, 25 Jul 2013 05:33:20 +0000 (07:33 +0200)] 
Forward FIrewall: Bugfix: When using predefined services in rulecreation, the rule was not applied. Bugfix: when in rulecreationpage and pressing "back" the site gets white.

9 years agoForward FIrewall: BUGFIX: when setting outgoing to blocked and creating a rule, the...
Alexander Marx [Wed, 24 Jul 2013 06:06:24 +0000 (08:06 +0200)] 
Forward FIrewall: BUGFIX: when setting outgoing to blocked and creating a rule, the last rule changes to "accept"

9 years agoForward Firewall: renamed IPFire to Firewall in SNAT area
Alexander Marx [Thu, 18 Jul 2013 11:15:10 +0000 (13:15 +0200)] 
Forward Firewall: renamed IPFire to Firewall in SNAT area

9 years agoForward Firewall: show default rule when input is empty
Alexander Marx [Fri, 12 Jul 2013 11:30:14 +0000 (13:30 +0200)] 
Forward Firewall: show default rule when input is empty

9 years agoForward Firewall: language fixes on last rule in ruletable
Alexander Marx [Fri, 12 Jul 2013 09:40:04 +0000 (11:40 +0200)] 
Forward Firewall: language fixes on last rule in ruletable

9 years agoForward Firewall: set default options for optionsfw and minor change on optionsfw.cgi
Alexander Marx [Fri, 12 Jul 2013 09:05:57 +0000 (11:05 +0200)] 
Forward Firewall: set default options for optionsfw and minor change on optionsfw.cgi

9 years agoForward Firewall: added some javascript to automatically select radiobuttons when...
Alexander Marx [Fri, 12 Jul 2013 06:01:01 +0000 (08:01 +0200)] 
Forward Firewall: added some javascript to automatically select radiobuttons when dropdowns are changed

9 years agoForward Firewall: added some java Script to automatically select radiobuttons when...
Alexander Marx [Thu, 11 Jul 2013 15:15:15 +0000 (17:15 +0200)] 
Forward Firewall: added some java Script to automatically select radiobuttons when dropdowns are changed. Some cleanup of the code

9 years agoForward Firewall: deleted configfile "nat" in ovpnmain.cgi for portfw check. File...
Alexander Marx [Thu, 11 Jul 2013 05:43:42 +0000 (07:43 +0200)] 
Forward Firewall: deleted configfile "nat" in ovpnmain.cgi for portfw check. File "nat" no longer exists. Now the portfw rules are in file "config"

9 years agoForward Firewall: just increased version number
Alexander Marx [Wed, 10 Jul 2013 11:51:46 +0000 (13:51 +0200)] 
Forward Firewall: just increased version number

9 years agoForward Firewall: The default rule table (at the end of Forward) shows only default...
Alexander Marx [Wed, 10 Jul 2013 11:49:52 +0000 (13:49 +0200)] 
Forward Firewall: The default rule table (at the end of Forward) shows only default values depending on the network configuration

9 years agoForward Firewall: fixed check for already existing rules.
Alexander Marx [Tue, 9 Jul 2013 12:59:55 +0000 (14:59 +0200)] 
Forward Firewall: fixed check for already existing rules.

9 years agoForward Firewall: deleted postrouting block in firewall (not used anywhere)
Alexander Marx [Tue, 9 Jul 2013 12:58:30 +0000 (14:58 +0200)] 
Forward Firewall: deleted postrouting block in firewall (not used anywhere)

9 years agoiptables: Cleanup creating SNAT/DNAT chains.
Michael Tremer [Mon, 8 Jul 2013 13:53:30 +0000 (15:53 +0200)] 
iptables: Cleanup creating SNAT/DNAT chains.

9 years agoiptables: Remove OPENSSL{PHYSICAL,VIRTUAL} chains which are unused.
Michael Tremer [Mon, 8 Jul 2013 13:50:02 +0000 (15:50 +0200)] 
iptables: Remove OPENSSL{PHYSICAL,VIRTUAL} chains which are unused.

9 years agoiptables: Jump into the firewall rulesets after everything else has been done.
Michael Tremer [Mon, 8 Jul 2013 13:47:57 +0000 (15:47 +0200)] 
iptables: Jump into the firewall rulesets after everything else has been done.

9 years agoiptables: Create OVPNNAT chain after CUSTOM* chains.
Michael Tremer [Mon, 8 Jul 2013 13:41:15 +0000 (15:41 +0200)] 
iptables: Create OVPNNAT chain after CUSTOM* chains.

9 years agoiptables: Create guardian's chains after the CUSTOM* chains.
Michael Tremer [Mon, 8 Jul 2013 13:38:39 +0000 (15:38 +0200)] 
iptables: Create guardian's chains after the CUSTOM* chains.

9 years agoiptables: Cleanup creating the OVPNBLOCK chain.
Michael Tremer [Mon, 8 Jul 2013 13:36:45 +0000 (15:36 +0200)] 
iptables: Cleanup creating the OVPNBLOCK chain.

This should happen after the CUSTOM* chains.

9 years agoiptables: Block all loopback packets on non-loopback interfaces.
Michael Tremer [Mon, 8 Jul 2013 13:25:48 +0000 (15:25 +0200)] 
iptables: Block all loopback packets on non-loopback interfaces.

9 years agoiptables: Create LOOPBACK chain.
Michael Tremer [Mon, 8 Jul 2013 13:21:04 +0000 (15:21 +0200)] 
iptables: Create LOOPBACK chain.

This chain accepts all communication on the loopback
interface without running it through the entire connection
tracking first.

Packets on lo can never be blocked and must always be
accepted. The firewall has to trust itself anyway.

9 years agoiptables: Only jump into BADTCP for TCP packets.
Michael Tremer [Mon, 8 Jul 2013 13:17:56 +0000 (15:17 +0200)] 
iptables: Only jump into BADTCP for TCP packets.

This saves us from evaluating lots of rules for non-TCP
packets.

9 years agoiptables: Replace state module by conntrack module.
Michael Tremer [Mon, 8 Jul 2013 13:14:15 +0000 (15:14 +0200)] 
iptables: Replace state module by conntrack module.

The state module is deprecated in recent releases of iptables
and should not be used any more.

Additionally, this patch adds an extra chain for all
connection tracking rules, so we can keep the entire ruleset
more small and clean.

9 years agoForward Firewall: Updated outgoingfw-converter. redesign of the ruletable's defaultrules
Alexander Marx [Fri, 5 Jul 2013 10:15:05 +0000 (12:15 +0200)] 
Forward Firewall: Updated outgoingfw-converter. redesign of the ruletable's defaultrules

9 years agoForward Firewall: some textalignment in last rule row
Alexander Marx [Thu, 4 Jul 2013 10:37:34 +0000 (12:37 +0200)] 
Forward Firewall: some textalignment in last rule row

9 years agoForward Firewall: added "default-rules-table" at the end of forward ruletable
Alexander Marx [Thu, 4 Jul 2013 10:19:50 +0000 (12:19 +0200)] 
Forward Firewall: added "default-rules-table" at the end of forward ruletable

9 years agoForward Firewall: moved default rules from FORWARDFW to POLICYFWD
Alexander Marx [Wed, 3 Jul 2013 12:38:40 +0000 (14:38 +0200)] 
Forward Firewall: moved default rules from FORWARDFW to POLICYFWD

9 years agoForward Firewall: removed nat part from rules.pl (file nat not existent anymore)
Alexander Marx [Wed, 3 Jul 2013 09:26:44 +0000 (11:26 +0200)] 
Forward Firewall: removed nat part from rules.pl (file nat not existent anymore)

9 years agoForward Firewall: Bugfixes wrong interface in ruletable,when selecting alias firewall...
Alexander Marx [Wed, 3 Jul 2013 08:13:06 +0000 (10:13 +0200)] 
Forward Firewall: Bugfixes wrong interface in ruletable,when selecting alias firewall interface

9 years agoForward Firewall: some bugfixes
Alexander Marx [Wed, 3 Jul 2013 07:26:39 +0000 (09:26 +0200)] 
Forward Firewall: some bugfixes

9 years agoForward Firewall: colorize ip addresses when possible in firewall groups. subnetmask...
Alexander Marx [Tue, 2 Jul 2013 13:43:44 +0000 (15:43 +0200)] 
Forward Firewall: colorize ip addresses when possible in firewall groups. subnetmask now in cidr format

9 years agoForward Firewall: delted subnets from hosts in firewallgroups, colorized all ip-addre...
Alexander Marx [Tue, 2 Jul 2013 12:55:46 +0000 (14:55 +0200)] 
Forward Firewall: delted subnets from hosts in firewallgroups, colorized all ip-addresses from the firewall-groups if possible. Some minor changes in forwardfw.cgi

9 years agoForward Firewall: Bugfix of last commit. Added "Interface" to source or target that...
Alexander Marx [Tue, 2 Jul 2013 06:21:38 +0000 (08:21 +0200)] 
Forward Firewall: Bugfix of last commit. Added "Interface" to source or target that uses "Firewall" interfaces

9 years agoForward Firewall: When using "Firewall" as source or target, the ruletable looks...
Alexander Marx [Tue, 2 Jul 2013 06:03:25 +0000 (08:03 +0200)] 
Forward Firewall: When using "Firewall" as source or target, the ruletable looks confusing. Theres "RED" in source and target. Now theres "INTERFACE RED".

9 years agoForward Firewall: some language changes de.pl and en.pl as well as forwardfw.cgi...
root [Tue, 2 Jul 2013 02:16:52 +0000 (04:16 +0200)] 
Forward Firewall: some language changes de.pl and en.pl as well as forwardfw.cgi and fwhost.cgi

9 years agoForward Firewall: changed some names and added subnets to dropdowns
Alexander Marx [Mon, 1 Jul 2013 14:38:14 +0000 (16:38 +0200)] 
Forward Firewall: changed some names and added subnets to dropdowns

9 years agoForward Firewall: Design changes
Alexander Marx [Fri, 28 Jun 2013 07:36:31 +0000 (09:36 +0200)] 
Forward Firewall: Design changes
1) source has a new option "firewall" with dropdown for interfaces
2) source default networks->deleted IPFire, all ip's now in brackets
3) deleted warning message in Target that a mac is not usable
4) changes for "apply" button
5) in ruletable the protocol is now right beneath the ruletype column
6) changed target dropdown "INTERNET" to "RED"
7) renamed OpenVPN N-2N to OpenVPN Net-to-Net
8) set missing default firewall options
9) little changes on the en and de lang files

9 years agoForward Firewall: added new line at bottom of all ruletables with the "final rule"
Alexander Marx [Thu, 27 Jun 2013 05:28:06 +0000 (07:28 +0200)] 
Forward Firewall: added new line at bottom of all ruletables with the "final rule"

9 years agoForward Firewall: added missing fields to the converters (for dnat)
Alexander Marx [Wed, 26 Jun 2013 13:25:50 +0000 (15:25 +0200)] 
Forward Firewall: added missing fields to the converters (for dnat)

9 years agoUPNP: changed firewall chain from PORTFW to UPNPFW
Alexander Marx [Wed, 26 Jun 2013 11:54:18 +0000 (13:54 +0200)] 
UPNP: changed firewall chain from PORTFW to UPNPFW

9 years agoForward Firewall: removed PORTFWACCESS flushing from rules.pl
Alexander Marx [Wed, 26 Jun 2013 11:43:53 +0000 (13:43 +0200)] 
Forward Firewall: removed PORTFWACCESS flushing from rules.pl

9 years agoForward Firewall: removed NAT table and txt file.
Alexander Marx [Wed, 26 Jun 2013 11:30:30 +0000 (13:30 +0200)] 
Forward Firewall: removed NAT table and txt file.

9 years agoForward Firewall: changed layout of "apply-button" (after rules where changed. When...
Alexander Marx [Wed, 26 Jun 2013 08:29:02 +0000 (10:29 +0200)] 
Forward Firewall: changed layout of "apply-button" (after rules where changed. When using single hosts in rules, the prefix is no longer shown in the ruletable. Default settings for firewall-options changed

9 years agoForward Firewall: removed dmz from forwardfw.cgi
Alexander Marx [Wed, 26 Jun 2013 07:42:38 +0000 (09:42 +0200)] 
Forward Firewall: removed dmz from forwardfw.cgi

9 years agoForward Firewall: removed DMZ from rules.pl (does no longer exist, is forward now
Alexander Marx [Wed, 26 Jun 2013 07:07:05 +0000 (09:07 +0200)] 
Forward Firewall: removed DMZ from rules.pl (does no longer exist, is forward now

9 years agoForward Firewall: convert-dmz now puts converted files into /var/ipfire/forward/confi...
Alexander Marx [Wed, 26 Jun 2013 05:56:35 +0000 (07:56 +0200)] 
Forward Firewall: convert-dmz now puts converted files into /var/ipfire/forward/config instead of /var/ipfire/forward/dmz

9 years agoForward Firewall: moved "firewall default behaviour" from firewall page to firewall...
Alexander Marx [Wed, 26 Jun 2013 05:38:15 +0000 (07:38 +0200)] 
Forward Firewall: moved "firewall default behaviour" from firewall page to firewall-options page. Some changes in languagefiles de and en.

9 years agoForward Firewall: reorganised ruletable layout
Alexander Marx [Tue, 25 Jun 2013 10:35:01 +0000 (12:35 +0200)] 
Forward Firewall: reorganised ruletable layout

9 years agoForward Firewall: on every reload of the new firewall-rules the firewall.local is...
Alexander Marx [Thu, 20 Jun 2013 09:23:43 +0000 (11:23 +0200)] 
Forward Firewall: on every reload of the new firewall-rules the firewall.local is also reloaded

9 years agoForward Firewall: changed /etc/init.d/firewall. deleted stop routine and rearranged...
Alexander Marx [Wed, 19 Jun 2013 11:31:40 +0000 (13:31 +0200)] 
Forward Firewall: changed /etc/init.d/firewall. deleted stop routine and rearranged iptables_init and restart routine
Now it should be possible to use /etc/init.d/firewall restart without errors

9 years agoForward Firewall: cleanup unused code
Alexander Marx [Mon, 17 Jun 2013 10:45:57 +0000 (12:45 +0200)] 
Forward Firewall: cleanup unused code

9 years agoForward Firewall: changed order of LOG and DROP rules for INPUT Chain
Alexander Marx [Mon, 17 Jun 2013 08:21:24 +0000 (10:21 +0200)] 
Forward Firewall: changed order of LOG and DROP rules for INPUT Chain

9 years agoForward Firewall: added checks if manual ip (src/tgt) is part of a OpenVPN to colour...
Alexander Marx [Thu, 13 Jun 2013 08:17:18 +0000 (10:17 +0200)] 
Forward Firewall: added checks if manual ip (src/tgt) is part of a OpenVPN to colour the rules accordingly

9 years agoForward Firewall: INPUT Firewall added "ALL" with ip 0.0.0.0
Alexander Marx [Wed, 12 Jun 2013 13:17:12 +0000 (15:17 +0200)] 
Forward Firewall: INPUT Firewall added "ALL" with ip 0.0.0.0

9 years agoForward Firewall 0.9.9.7: reordered INPUT POLICY.
Alexander Marx [Wed, 12 Jun 2013 13:05:31 +0000 (15:05 +0200)] 
Forward Firewall 0.9.9.7: reordered INPUT POLICY.

9 years agoForward Firewall: added OVPNBLOCK and fixed rules.pl to correctly get ip address...
Alexander Marx [Wed, 12 Jun 2013 11:00:20 +0000 (13:00 +0200)] 
Forward Firewall: added OVPNBLOCK and fixed rules.pl to correctly get ip address of red iface

9 years agoopenvpnctrl: Cleanup flushChain functions.
Michael Tremer [Wed, 12 Jun 2013 12:14:53 +0000 (14:14 +0200)] 
openvpnctrl: Cleanup flushChain functions.

9 years agoopenvpnctl: Flush BLOCK and SNAT chain when needed.
Michael Tremer [Wed, 12 Jun 2013 10:50:33 +0000 (12:50 +0200)] 
openvpnctl: Flush BLOCK and SNAT chain when needed.

9 years agoForward Firewall: Implemented INPUT Firewall (extended external access)
Alexander Marx [Tue, 11 Jun 2013 13:53:31 +0000 (15:53 +0200)] 
Forward Firewall: Implemented INPUT Firewall (extended external access)

Now you are able to define INPUT Rules on every interface ip

9 years agoopenvpnctrl: Block all transfer subnets.
Michael Tremer [Fri, 31 May 2013 11:31:48 +0000 (13:31 +0200)] 
openvpnctrl: Block all transfer subnets.

9 years agoopenvpnctrl: Remove unneeded code.
Michael Tremer [Thu, 30 May 2013 19:55:26 +0000 (21:55 +0200)] 
openvpnctrl: Remove unneeded code.

9 years agoForward Firewall: BUGFIX: When creating DMZ Rules with MANUAL IP as source and afterw...
Alexander Marx [Mon, 27 May 2013 08:33:50 +0000 (10:33 +0200)] 
Forward Firewall: BUGFIX: When creating DMZ Rules with MANUAL IP as source and afterwards editing the rule, the rule was copied and not just edited.
BUGFIX: When using SNAT (outbound) the rule does not seem to work. The NAT_SOURCE chain was on wron position in POSTROUTING

9 years agoForward Firewall: extended the customservices list
Alexander Marx [Wed, 22 May 2013 05:43:46 +0000 (07:43 +0200)] 
Forward Firewall: extended the customservices list

9 years agoForward Firewall: BUGFIX - when using source Protocol and NO target protocol only...
Alexander Marx [Wed, 8 May 2013 06:19:03 +0000 (08:19 +0200)] 
Forward Firewall: BUGFIX - when using source Protocol and NO target protocol only the target protocol is shown in ruletable.(But rule is applied correctly)

9 years agoForward Firewall: fixed wrong log Entries INPUT_DROP when connected via Web or ssh
Alexander Marx [Tue, 7 May 2013 10:02:17 +0000 (12:02 +0200)] 
Forward Firewall: fixed wrong log Entries INPUT_DROP when connected via Web or ssh

9 years agoForward Firewall: restored old settings in graphs.pl. With new Monofont the columnsiz...
Alexander Marx [Thu, 2 May 2013 13:55:14 +0000 (15:55 +0200)] 
Forward Firewall: restored old settings in graphs.pl. With new Monofont the columnsize is ok now

9 years agoForward Firewall: edited rules.pl so that in the rules the ip addresses from the...
Alexander Marx [Tue, 30 Apr 2013 07:58:01 +0000 (09:58 +0200)] 
Forward Firewall: edited rules.pl so that in the rules the ip addresses from the remote ovpn N2N subnet are used instead of the openvpn subnet(because its only used as transfer net)

9 years agoForward Firewall: reordered some rules to get rid of INPUT_DROP messages in log when...
Alexander Marx [Tue, 30 Apr 2013 06:13:54 +0000 (08:13 +0200)] 
Forward Firewall: reordered some rules to get rid of INPUT_DROP messages in log when connected to webinterface

9 years agoForward Firewall: bugfix: counter failure when adding one host to more than 1 Group
Alexander Marx [Mon, 29 Apr 2013 14:12:14 +0000 (16:12 +0200)] 
Forward Firewall: bugfix: counter failure when adding one host to more than 1 Group