webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-06 13:06:11 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,346 Commits 2 Branches 1 Tag
54d6863787ca89d11e59efc1e9d345fd5b9a5eb9
Commit Graph

54 Commits

Author SHA1 Message Date
Alexander Marx
54d6863787 Forward Firewall: fixed converter bug: Remark is "0" and Alias ip is taken as ip instead of name 2013-08-09 14:11:57 +02:00
Alexander Marx
6b681c40d2 Forward Firewall: 0.9.8.7 Implemented SNAT/DNAT 
reorganized firewall chains
 2013-08-09 14:11:57 +02:00
Alexander Marx
93b75f31ad Forward Firewall: clean up some files 
Fix iptables loop wirelessctrl
Fix firewall chain order
Fix policies (added comment for statistic)
 2013-08-09 14:11:56 +02:00
Alexander Marx
a6edca5a89 Forward Firewall: support for SNAT/DNAT in GUI and rules.pl 2013-08-09 14:11:56 +02:00
Alexander Marx
ddcec9d339 Forward Firewall: Firewall sets Internetdevice correctly now (was always red0) 2013-08-09 14:11:56 +02:00
Alexander Marx
f2ab6fba4a Forward Firewall: 
1) Custom Hosts: now 17 chars can be entered into IP/MAC field
2) Forwardfw: Bugfix: When no alias is set and IPFIRE is selected as target, no target address is recognised
3) Forwardfw: Now source and Target addressfield (manual) are set to 17 chars maxlegth.
4) Converter: Bugfix: When starting converter from commandline, all hosts are entered into groups again.
 2013-08-09 14:11:56 +02:00
Alexander Marx
05612a544b Forward Firewall: fix converter for outgoingfw. remarkfield (new) was not implemented here 
fwhosts: Some layout changes in tables (cellspacing='0')
 2013-08-09 14:11:55 +02:00
Alexander Marx
d58677779f Forward Firewall: forgot to delete devel-comment 2013-08-09 14:11:55 +02:00
Alexander Marx
fccf52cf7e Forward Firewall: fixed a bug in convert-outgoingfw. THe hosts are created with wrong amount of fields in hasharray. 
Also fixed a bug which sets wrong firewall mode for FORWARD when outgoing rules are used.
 2013-08-09 14:11:55 +02:00
Alexander Marx
472136c927 Forward Firewall: Fix ruletimes. Now the timevalues which are entered in the gui are saved to the rulefile. 
Wenn rule.pl is called, the script calculates the difference to UTC time and sets the iptables times accordingly.

With this approach there's no need to save if the times are created in summertime or wintertime.
 2013-08-09 14:11:55 +02:00
Alexander Marx
ef6f983b17 Forward Firewall: put rule OUTGOING ACCEPT Related, established into /etc/init.d/firewall 
deleted ACCEPT OUTGOINGFW related,established from POLICYOUT
 2013-08-09 14:11:55 +02:00
Alexander Marx
a0f267b92c Forward Firewall: removed --kerneltz from rules.pl. New function timeconvert in forwardfw.cgiu takes care of timeconversion now 2013-08-09 14:11:55 +02:00
Alexander Marx
f38e0c4de0 Forward Firewall: added --kerneltz option to timeframe 2013-08-09 14:11:54 +02:00
Alexander Marx
8cb1afc817 Forward Firewall: Bugfix: When having more than 1 ICMP rule in a group, the rule is not created. 
Also changed (INPUT) to (Input) in firewall-options
 2013-08-09 14:11:54 +02:00
Alexander Marx
d47bb8a1ad Forward Firewall: Added Firewall-Options for INPUT Policy (DROP/REJECT) and built a new INPUT-POLICY in firewall-policy. 2013-08-09 14:11:09 +02:00
Alexander Marx
3f6bba6dbb Forward Firewall: Forgot to delete a dev-comment 2013-08-09 14:09:15 +02:00
Alexander Marx
31fef6cc2d Forward Firewall: rules.pl supports now DMZ rules. These rules are applied first 2013-08-09 14:09:15 +02:00
Alexander Marx
12a43202a6 Forward Firewall: bugfix converter->default forward mode is now set correctly 
some layout changes
 2013-08-09 14:08:23 +02:00
Alexander Marx
6128ded855 Forward Firewall: convert-outgoingfw now supports outgoing rules 2013-08-09 14:08:22 +02:00
Alexander Marx
046d88c2d0 Forward Firewall: outgoing converter is now ble to set default policy correctly 2013-08-09 14:08:22 +02:00
Alexander Marx
c178bf21c1 Forward Firewall: added Policymode for OUTGOING to converterscript 2013-08-09 14:08:21 +02:00
Alexander Marx
aa8647835d Forward Firewall: Finalize integration of OUTGOING into firewall 2013-08-09 14:08:21 +02:00
Alexander Marx
5d7faa4518 Forward Firewall: First part of adding OUTGOING to th efirewall 2013-08-09 14:08:20 +02:00
Alexander Marx
5b7ed8bbae Forward Firewall: Tablegroup DMZ and WLAN now only show the own rules 2013-08-09 14:08:16 +02:00
Alexander Marx
6adcf1569c Forward Firewall: set standard rules for blue in mode 2 2013-08-09 14:08:16 +02:00
Alexander Marx
210ee67b53 Forward Firewall: deleted mode0, added default Mode2 and fixed /etc/init.d/firewall to reload the rules correctly on reload. Also made it possible to create broadcastrules (To drop broadcastpackets) 2013-08-09 14:08:15 +02:00
Alexander Marx
70d38e5089 Forward Firewall: fixed converterbug and added ruleposition to new rules in forwardfw.cgi 2013-08-09 14:08:15 +02:00
Alexander Marx
e3afaf8890 Forward Firewall: bugfix: network ip was treated like single host 2013-08-09 14:08:15 +02:00
Alexander Marx
47a40c9726 Forward Firewall: set P2Protocols default to "off" 2013-08-09 14:08:14 +02:00
Alexander Marx
8d1beadce3 Forward Firewall: 
1) fixed outgoingfw converter: now checkbox for logging is converted corectly
2) edited p2p_block: now a checked prot is allowed
 2013-08-09 14:08:14 +02:00
Alexander Marx
3b81fad442 Forward Firewall: converter now creates cdir format from ip-addresses 2013-08-09 14:08:13 +02:00
Alexander Marx
5238a8719d Forward Firewall: minor improvements, if an outgoingrule has a given port and prot "all", there are two new rules generated for UDP and TCP. 
If an outgoingrule has only "all" as prot, but no port, there's only one new rule created
 2013-08-09 14:08:13 +02:00
Alexander Marx
5a9fd5dbd1 Forward Firewall: extended converter 2013-08-09 14:08:13 +02:00
Alexander Marx
9edb1d7a8e Forward Firewall: edited Backup.pl. If someone put /var/ipfire/outgoing into /var/ipfire/backup/include, the rules are backed up and need to be restored. 
Now the backup takes care of this and checks if there are old rules to convert.
 2013-08-09 14:08:13 +02:00
Alexander Marx
8794629653 Forward Firewall: edited convert-outgoingfw. 
When a Protocol ESP or GRE is used AND a Port is selected (in old system), the rule was not converted successfully.
 2013-08-09 14:08:12 +02:00
Alexander Marx
99e698d033 Forward Firewall: Minor changes... 
1) improved convert-outgoingfw. source was wrong when tun+ interface
2) target had always a ":" in ruletable
3) convert-outgoingfw bugfix: ports where not cleared for next rule
 2013-08-09 14:08:12 +02:00
Alexander Marx
93a5f4a582 Forward Firewall: implemented ne column in ruletable "protocol" 2013-08-09 14:08:12 +02:00
Alexander Marx
8b3dd79147 Forward Firewall: deleted comments from converterscript 2013-08-09 14:08:12 +02:00
Alexander Marx
8f0b047b4b Forward Firewall: implemented multiport support for source and target ports 2013-08-09 14:08:12 +02:00
Alexander Marx
99e5d97623 Forward Firewall: removed newline when processing rules.pl 2013-08-09 14:08:11 +02:00
Alexander Marx
d7dc9718d3 Forward Firewall: edited rules.pl, so thatrules are created when source and target are 0.0.0.0/0.0.0.0 2013-08-09 14:08:11 +02:00
Alexander Marx
8910ee647c Forward Firewall: Removed console output from outgoingfw-converter 2013-08-09 14:08:11 +02:00
Alexander Marx
2833f5678e Forward Firewall: changed LOG directory to /var/log/converters 2013-08-09 14:08:11 +02:00
Alexander Marx
27f4a6b159 Forward Firewall: added converters for old exaccess rules and old rules from outgoingfw and old firewallgroups. 
Also fixed a Bug: Day SUN was not checked when in rule-edit mode
 2013-08-09 14:08:11 +02:00
Alexander Marx
af49e36723 Forward Firewall: edited p2pblock call in rules.pl 2013-08-09 14:08:11 +02:00
Alexander Marx
7f9d1c3969 Forward Firewall: added p2protocols to /var/ipfire/forward/ for p2pblocking options 2013-08-09 14:08:10 +02:00
Alexander Marx
36196d0d64 Forward Firewall: added P2P Block Option 2013-08-09 14:08:10 +02:00
Alexander Marx
992394d55c Forward Firewall: changed hash sorting to get right ruleorder in Iptables 2013-08-09 14:08:09 +02:00
Alexander Marx
54cb7ff019 Forward Firewall: added check for mac rules 2013-08-09 14:08:08 +02:00
Alexander Marx
b526909163 Forward Firewall: BUGFIX: MAC source addresses where not created as rules 2013-08-09 14:08:08 +02:00