Commit Graph

6408 Commits

Author SHA1 Message Date
Alexander Marx
2af92cf5ac Forward Firewall: added new line at bottom of all ruletables with the "final rule" 2013-08-09 14:15:30 +02:00
Alexander Marx
ac9e77e3ba Forward Firewall: added missing fields to the converters (for dnat) 2013-08-09 14:15:30 +02:00
Alexander Marx
0ac6c61d37 UPNP: changed firewall chain from PORTFW to UPNPFW 2013-08-09 14:15:30 +02:00
Alexander Marx
f557ea1e59 Forward Firewall: removed PORTFWACCESS flushing from rules.pl 2013-08-09 14:15:30 +02:00
Alexander Marx
c12392c0ef Forward Firewall: removed NAT table and txt file. 2013-08-09 14:15:29 +02:00
Alexander Marx
4f3bd0ca20 Forward Firewall: changed layout of "apply-button" (after rules were changed). When using single hosts in rules, the prefix is no longer shown in the ruletable. Default settings for firewall-options changed 2013-08-09 14:15:29 +02:00
Alexander Marx
8442c93764 Forward Firewall: removed dmz from forwardfw.cgi 2013-08-09 14:15:29 +02:00
Alexander Marx
60607a6c75 Forward Firewall: removed DMZ from rules.pl (no longer exists, is forward now) 2013-08-09 14:15:29 +02:00
Alexander Marx
3f09f5309c Forward Firewall: convert-dmz now puts converted files into /var/ipfire/forward/config instead of /var/ipfire/forward/dmz 2013-08-09 14:15:29 +02:00
Alexander Marx
3b2ad4a1bd Forward Firewall: moved "firewall default behaviour" from firewall page to firewall-options page. Some changes in languagefiles de and en. 2013-08-09 14:15:29 +02:00
Alexander Marx
533a2da388 Forward Firewall: reorganised ruletable layout 2013-08-09 14:15:29 +02:00
Alexander Marx
674f4e9d51 Forward Firewall: on every reload of the new firewall-rules the firewall.local is also reloaded 2013-08-09 14:15:29 +02:00
Alexander Marx
ff4770c79b Forward Firewall: changed /etc/init.d/firewall. deleted stop routine and rearranged iptables_init and restart routine
Now it should be possible to use /etc/init.d/firewall restart without errors
2013-08-09 14:15:29 +02:00
Alexander Marx
fb0ce57589 Forward Firewall: cleanup unused code 2013-08-09 14:15:28 +02:00
Alexander Marx
e41b651b4a Forward Firewall: changed order of LOG and DROP rules for INPUT Chain 2013-08-09 14:15:28 +02:00
Alexander Marx
d9b691e18e Forward Firewall: added checks if manual ip (src/tgt) is part of an OpenVPN to colour the rules accordingly 2013-08-09 14:15:28 +02:00
Alexander Marx
8762442c4e Forward Firewall: INPUT Firewall added "ALL" with ip 0.0.0.0 2013-08-09 14:15:28 +02:00
Alexander Marx
ed9ab82c61 Forward Firewall 0.9.9.7: reordered INPUT POLICY. 2013-08-09 14:15:28 +02:00
Alexander Marx
690b0bd761 Forward Firewall: added OVPNBLOCK and fixed rules.pl to correctly get ip address of red iface 2013-08-09 14:15:28 +02:00
Michael Tremer
d2c4a3cab9 openvpnctrl: Cleanup flushChain functions. 2013-08-09 14:15:28 +02:00
Michael Tremer
2181b55552 openvpnctl: Flush BLOCK and SNAT chain when needed. 2013-08-09 14:15:28 +02:00
Alexander Marx
05d4f131e9 Forward Firewall: Implemented INPUT Firewall (extended external access)
Now you are able to define INPUT Rules on every interface ip
2013-08-09 14:15:27 +02:00
Michael Tremer
c31f18b6a9 openvpnctrl: Block all transfer subnets. 2013-08-09 14:15:27 +02:00
Michael Tremer
7c50b04834 openvpnctrl: Remove unneeded code. 2013-08-09 14:15:27 +02:00
Alexander Marx
e1eef9d53e Forward Firewall: BUGFIX: When creating DMZ Rules with MANUAL IP as source and afterwards editing the rule, the rule was copied and not just edited.
BUGFIX: When using SNAT (outbound) the rule does not seem to work. The NAT_SOURCE chain was in the wrong position in POSTROUTING
2013-08-09 14:13:12 +02:00
Alexander Marx
4682d02723 Forward Firewall: extended the customservices list 2013-08-09 14:13:12 +02:00
Alexander Marx
bac7013b21 Forward Firewall: BUGFIX - when using source Protocol and NO target protocol only the target protocol is shown in ruletable. (But rule is applied correctly) 2013-08-09 14:13:12 +02:00
Alexander Marx
c400fe4c84 Forward Firewall: fixed wrong log Entries INPUT_DROP when connected via Web or ssh 2013-08-09 14:13:12 +02:00
Alexander Marx
cb61489891 Forward Firewall: restored old settings in graphs.pl. With new Monofont the columnsize is ok now 2013-08-09 14:13:11 +02:00
Alexander Marx
6fab5bca2a Forward Firewall: edited rules.pl so that in the rules the ip addresses from the remote ovpn N2N subnet are used instead of the openvpn subnet (because it's only used as transfer net) 2013-08-09 14:13:11 +02:00
Alexander Marx
3e79f33fc2 Forward Firewall: reordered some rules to get rid of INPUT_DROP messages in log when connected to webinterface 2013-08-09 14:13:11 +02:00
Alexander Marx
04abd8d958 Forward Firewall: bugfix: counter failure when adding one host to more than 1 Group 2013-08-09 14:13:11 +02:00
Alexander Marx
eff2dbf833 Forward Firewall: changed sort-order to Sort::Naturally. This Perl Module will be available since core 68. 2013-08-09 14:13:11 +02:00
Alexander Marx
e3c589276a Forward Firewall: if ipsec rw net is set to green subnet, the rules are colored green instead of purple 2013-08-09 14:13:11 +02:00
Alexander Marx
139a1ab947 Forward Firewall: removed devel-tags 2013-08-09 14:13:11 +02:00
Alexander Marx
6945e46310 Forward Firewall: rewrote portcheck routine in ovpnmain so that checks for portforwardingports are made against /var/ipfire/forward/nat instead of /var/ipfire/portfw/config 2013-08-09 14:13:11 +02:00
Alexander Marx
931e1fed53 Forward Firewall: added some plausi checks. Now it is checked if someone enters a manual ip address that is an openvpn client.
The colors are set correctly in ruletable when someone enters a manual ip which belongs to an IPsec Network, IPsec Roadwarrior (if iprange set) or openvpn n2n
2013-08-09 14:13:10 +02:00
Alexander Marx
dc82656bf9 Forward Firewall: 0.9.9.4a - Bugfix typo in firewallscript, DMZ Link on startpage now leads to firewall instead of dmzpinholes 2013-08-09 14:13:10 +02:00
Alexander Marx
aff15defbc Forward Firewall: rules for collectd now in firewall-policy instead of /etc/init.d/firewall 2013-08-09 14:13:10 +02:00
Alexander Marx
53f4c74d9b Forward Firewall: some changes in firewall script to make collectd work 2013-08-09 14:13:10 +02:00
Alexander Marx
9468a6f713 Forward Firewall: Firewall Hits graph now with stacked values 2013-08-09 14:13:10 +02:00
Alexander Marx
ed31c098f5 Forward Firewall: added drop rules to firewall's stop script so that collectd is working 2013-08-09 14:13:10 +02:00
Alexander Marx
be9be7cb5b Forward Firewall: enabled /var/ipfire/optionsfw/settings in configroot 2013-08-09 14:13:10 +02:00
Alexander Marx
94ea1f0346 Forward Firewall: fixed firewall hits statistics and extended it to show input, output, forward, newnotsyn and portscan separately. 2013-08-09 14:13:10 +02:00
Alexander Marx
6f348fcb9d Forward Firewall: edited include file of backup. 2013-08-09 14:13:07 +02:00
Alexander Marx
08e1c65d85 Forward Firewall: added SNAT multiport support 2013-08-09 14:12:40 +02:00
Alexander Marx
98cee89f94 Forward Firewall: Added multiport support to DNAT/Portforwarding
Now it is possible to use multiple ports under DNAT when TARGET has no Port, one Port or one Portrange defined
2013-08-09 14:12:39 +02:00
Alexander Marx
ed618226bb Forward Firewall: little changes in ruletable layout. (Headline) 2013-08-09 14:12:39 +02:00
Alexander Marx
d526a95bf1 Forward Firewall: some changes in en.pl and de.pl. Also adapted "apply" button in fwhosts.cgi 2013-08-09 14:12:39 +02:00
Alexander Marx
bc912c6e0c Forward Firewall: Version 0.9.9.2
1) Some changes in en.pl
2) DNAT now supports REJECT/DROP rules
3) Bugfix: comma in remark customservicegroup
4) improved installer
2013-08-09 14:12:39 +02:00