webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 11:05:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,600 Commits 2 Branches 1 Tag
28bee14eccbc3e2cada73cbbe84634e070c8c8bc
Commit Graph

81 Commits

Author SHA1 Message Date
Alexander Marx
8b7417c50b BUG10806: fix wrong customhostgroupcheck 
The function to check for valid hostgroup entries not only
checked the target hostgroup but also the source hostgroup if any.
This lead to the error.
Now the check only affects target hostgroups because it does not matter if a sourcegroup contains mac addresses.

 Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-10-18 19:18:59 +01:00
Stefan Schantl
c98b743c09 firewall.cgi: Dynamically show/hide DNAT and SNAT configure elements. 
Fixes #10732.
 2015-04-19 01:19:11 +02:00
Stefan Schantl
93bfe63d55 Merge branch 'seventeen-geoip' into next-geoip 2015-03-15 11:38:45 +01:00
Alexander Marx
5ca4ae11ae BUG10756: fixes possibillity to enable logging when editing a rule. Also remark can be deleted 2015-03-02 15:33:44 +01:00
Alexander Marx
84a0531148 BUG10756: consolidate rulecheck 2015-03-02 15:20:32 +01:00
Stefan Schantl
c0a97a0f4a firewall.cgi: Add support for GeoIP locations / GeoIP groups. 2015-02-08 18:41:44 +01:00
Michael Tremer
3906cf7e85 Merge remote-tracking branch 'amarx/vpn-statistic1' into next 2015-01-13 17:37:18 +01:00
Michael Tremer
60bce6ba6a Merge remote-tracking branch 'amarx/BUG10615' into next 2014-09-26 13:02:28 +02:00
Alexander Marx
59c2888bae BUG10617: Allow rules from local networks to firewall itself 2014-09-19 08:11:24 +02:00
Alexander Marx
5751876534 BUG10615: fix wrong values in firewall.cgi 2014-09-11 15:10:48 +02:00
Alexander Marx
d8deec0b4f BUG10615 part2: Add ratelimit to firewallgui 2014-09-11 13:59:54 +02:00
Alexander Marx
79ad6f7e53 BUG10615 part1: Add connectionlimit to firewallgui 2014-09-11 10:59:25 +02:00
Alexander Marx
48f07c1957 Firewall: make DNAT only accessible from selected source network 
We added RED to the standard networks and now portforwardings are only
useable from the selected source. If selected "all" the portforwarding
can be used from any internal network. Else the access is only grnated
from the selected source network.
 2014-07-18 08:44:45 +02:00
Alexander Marx
f1dd19724c Firewall: Add ip addres after alias name in dropdown for source and target 2014-05-07 12:00:49 +02:00
Alexander Marx
1be052f995 Firewall: When using custom hosts and not having BLUE or ORANGE, the Ruletable took very long to display every Line 
With this commit the page is shown quickly because there's now a check
if ORANGE or BLUE exist before we test if a host might be in that
subnet.
 2014-05-06 13:21:32 +02:00
Alexander Marx
107060da53 Firewall: When using DNAT AUTO, don't display the IP anymore in brackets 2014-04-28 16:18:10 +02:00
Alexander Marx
2ed8330ee5 Firewall: BUG 10526 (missing RED iface in SNAT Dropdown) 2014-04-22 12:35:39 +02:00
Michael Tremer
cc81c43053 firewall: Fix spelling and seperate spelling issues. 2014-04-12 16:01:11 +02:00
Michael Tremer
2dd3aa93f4 firewall: Change headlines for rule sections. 2014-04-12 15:55:44 +02:00
Michael Tremer
28e003e486 firewall.cgi: Sort protocols alphabetically. 2014-04-12 15:23:45 +02:00
Alexander Marx
0626fac1ac Firewall: When having rules with more than 3 protocols, show "many" and tooltip 2014-04-11 12:07:41 +02:00
Alexander Marx
712500d0dc Firewall: Fix 10510 - Show all protocols from servicegroups (GRE,IPIP,IPV6,...) 2014-04-10 08:19:56 +02:00
Alexander Marx
6effa000ec Firewall: Fix source preselection of alias when Firewall is selected 2014-04-07 16:52:55 +02:00
Alexander Marx
476b122fa8 Firewall: BUGFIX 10507 2014-04-07 16:52:42 +02:00
Alexander Marx
896eb2d693 Firewall: Allow DNAT with target firewall 2014-03-21 12:55:34 +01:00
Alexander Marx
fd169d0adc Firewall: DNAT - Show right DNAT interface in ruletable 
Now:
When using a hostgroup as source there are all corresponding DNAT
interfaces shown in ruletable depending on the entries in the group.

When in DNAT area "-automatic" is selected, the DNAT interfaces are
shown as IP-Addresses, else they are shown as "ORANGE","GREEN","BLUE"...

BUGFIX: When there is a MAC address used in a sourcegroup, the rules could not be set. Now MAC addresses get allways the public interface as DNAT
 2014-03-21 12:51:09 +01:00
Alexander Marx
95cda25924 Firewall: DNAT - always show right red address in dropdown. 
Edited language String in DNAT area: external ip address is now Firewall
Interface
 2014-03-20 23:06:50 +01:00
Alexander Marx
cc77ac2364 Firewall: select right value in DNAT Dropdown 2014-03-18 18:03:52 +01:00
Alexander Marx
1aa5439cf1 Firewall: extend DNAT dropdown with auto,BLUE,ORANGE,GREEN 2014-03-18 18:03:42 +01:00
Alexander Marx
c6df357fd4 Firewall: When delting an OpenVPN or IPSec connection, the rules are only colored yellow and the firewallrules are reloaded automatically 2014-03-13 14:51:28 +01:00
Michael Tremer
323923d912 firewall: Allow remarks in Unicode. 2014-03-05 13:59:28 +01:00
Alexander Marx
65c9b3a508 Firewall: Remarkcheck should now support old firewallrules from converter 2014-03-05 08:13:04 +01:00
Alexander Marx
2610f3930a Firewall: When no manual ip is given on rulecreation and rule is added, there's automatically std_networks "ALL" selected 2014-03-05 08:05:52 +01:00
Michael Tremer
b062a11bbe firewall: Don't colourise MAC addresses. 
Fixes #10491.
 2014-03-05 08:05:52 +01:00
Alexander Marx
9556a0fb95 Firewall: When no manual ip is given, standard networks "all" is selected 2014-03-04 16:11:35 +01:00
Alexander Marx
5a09c99a89 Firewall: Now it is possible to just change the remark in input and outgoing 2014-03-04 16:00:14 +01:00
Alexander Marx
abb3cfcc9e Firewall: FIX allowed chars in remark 2014-03-04 15:44:02 +01:00
Alexander Marx
90c2ce0c20 Firewall: get rid of /32 subnetz when using manual ip addresses 2014-03-04 14:51:20 +01:00
Michael Tremer
3e5e8a4a88 firewall: Fix firewall policy table if only RED, GREEN + BLUE are present. 2014-02-27 20:53:25 +01:00
Alexander Marx
46a6d6c7fc Firewall: fix error when editing a rule and changing remark with invalid chars the rule was destroyed 2014-02-24 19:39:26 +01:00
Alexander Marx
ec56a5393f Firewall: fixed padding-right of lastrule table in ruleoverview 2014-02-24 19:38:43 +01:00
Michael Tremer
fe30713604 firewall.cgi: Fix path to firewall-lib.pl. 2014-02-04 12:48:01 +01:00
Alexander Marx
11e012ef66 NEW THEME: added padding-left to all tables <td> because it looks much better 2014-01-29 14:32:50 +01:00
Alexander Marx
d334d7cb47 Firewall: Bugfix - when using addressgroups with mac addresses in source, the mac rule was not correctly created. 
Further MAC issues: in target area, the manual ip field was target
ip/mac address - changed to IP-Address
Also implemented a plausicheck, if an addressgroup with mac addresses is
used in target area, theres a hint saying that the rule will not be
applied for mac hosts
 2014-01-21 11:55:56 +01:00
Alexander Marx
f5f71c79b7 firewall: some layout changes and new plausi checks for dnat 2014-01-15 16:43:42 +01:00
Stefan Schantl
bfaa69562a Firewall: Hide rule actions when using NAT. 
There is no need to choose a rule action when creating a NAT rule, so this
section can be hidden when "Use NAT" has been checked.
 2014-01-14 22:09:13 +01:00
Alexander Marx
8e7137264b firewall: perl modifications for hiding rule action when nat is used 2014-01-14 21:48:20 +01:00
Alexander Marx
aeefcc9caa Firewall: modified firewall-groups so that they can be empty even if used in rules 
Now one can create a group, use it in a rule and then delete every entry
from the group. (The firewallrule then will be displayed yellow and
disabled).
 2014-01-11 12:13:45 +01:00
Alexander Marx
62f34bba1e Layout changes firewall.cgi 2014-01-09 15:03:27 +01:00
Alexander Marx
8d28e3d092 fifteen-theme: made firewall-tables themeable 2014-01-07 09:27:24 +01:00