webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-18 23:12:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,363 Commits 2 Branches 1 Tag
3110d7a98fa4e41edb8eec3c052d8bcc728e677e
Commit Graph

17 Commits

Author SHA1 Message Date
peter.mueller@ipfire.org
a85a7a60fc firewall: raise log rate limit for user generated rules, too 
Having raised the overall log rate limit to 10 packet per second
in Core Update 136, this did not affected rules generated by the
user. In order to stay consistent, this patch also raises log rate
limit for these.

In order to avoid side effects on firewalls with slow disks, it
was probably better touch these categories separately, so testing
users won't be DoSsed instantly. :-)

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-10-08 18:30:31 +00:00
Michael Tremer
9f60aa9679 syslog: Listen to network and block access from anywhere but localhost 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-11-07 20:07:53 +00:00
Michael Tremer
475ae4b3db firewall: Suppress more warnings when initialising without GREEN 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-07-01 11:49:57 +01:00
Michael Tremer
645378fbb9 firewall: Fix MAC filter 
Packets destined for the firewall coming in from the blue
device where accepted too early to be processed by the
firewall input chain rules.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-02-05 10:24:03 +00:00
Michael Tremer
c0e0848f99 firewall: Allow blocking access to GREEN from GREEN. 2014-05-20 11:41:23 +02:00
Michael Tremer
b8ec7b86ac firewall-policy: Remove empty line. 2014-04-09 15:14:25 +02:00
Arne Fitzenreiter
c926c6375d firewall: fix green only mode. 
disable masquerade and green IP/NET check if internet is
connected via green.
 2014-04-05 11:04:25 +02:00
Michael Tremer
c26a9ed25c firewall-policy: Clarify policy rules. 
There are no functional changes here. Everything that
is not explicitely allowed is now forbidden when the
forward policy is "ALLOWED".
 2014-03-30 22:33:58 +02:00
Arne Fitzenreiter
8089b78d9d firewall-policy: fix drop and logging on red0; 2014-03-29 15:06:35 +01:00
Michael Tremer
d7050fc04a ipsec: Allow to create firewall rules for IPsec input as well. 2014-03-08 20:55:32 +01:00
Michael Tremer
824dc93601 firewall: Add a trailing space to all log prefixes for better readability. 2014-03-02 22:50:29 +01:00
Michael Tremer
0e53d8a991 firewall: Make OpenVPN access also possible when INPUT policy is REJECT. 2014-03-02 20:40:00 +01:00
Michael Tremer
2513ae737d firewall: Allow access to the entire GREEN/BLUE/ORANGE subnets. 
This includes the firewall itself as well.
 2014-03-01 16:04:01 +01:00
Michael Tremer
bcf1a62476 firewall: Fix proper check for BLUE and ORANGE devices. 2014-02-20 13:01:48 +01:00
Michael Tremer
a211fee393 firewall: Use --wait for all iptables commands. 2014-02-14 13:04:18 +01:00
Alexander Marx
6d8eb5dec7 Firewall: Renamed directory /var/ipfire/forward to /var/ipfire/firewall 2013-10-24 09:24:12 +02:00
Alexander Marx
6921f0ea0a Firewall: renamed /config/forwardfw to config/firewall 2013-10-24 08:15:48 +02:00