webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-22 08:52:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,404 Commits 2 Branches 1 Tag
c12392c0ef3aa71cda43fe38cfd22e4afab5cc5e
Commit Graph

3410 Commits

Author SHA1 Message Date
Alexander Marx
c12392c0ef Forward Firewall: removed NAT table and txt file. 2013-08-09 14:15:29 +02:00
Alexander Marx
60607a6c75 Forward Firewall: removed DMZ from rules.pl (does no longer exist, is forward now 2013-08-09 14:15:29 +02:00
Alexander Marx
3f09f5309c Forward Firewall: convert-dmz now puts converted files into /var/ipfire/forward/config instead of /var/ipfire/forward/dmz 2013-08-09 14:15:29 +02:00
Alexander Marx
674f4e9d51 Forward Firewall: on every reload of the new firewall-rules the firewall.local is also reloaded 2013-08-09 14:15:29 +02:00
Alexander Marx
ff4770c79b Forward Firewall: changed /etc/init.d/firewall. deleted stop routine and rearranged iptables_init and restart routine 
Now it should be possible to use /etc/init.d/firewall restart without errors
 2013-08-09 14:15:29 +02:00
Alexander Marx
fb0ce57589 Forward Firewall: cleanup unused code 2013-08-09 14:15:28 +02:00
Alexander Marx
8762442c4e Forward Firewall: INPUT Firewall added "ALL" with ip 0.0.0.0 2013-08-09 14:15:28 +02:00
Alexander Marx
690b0bd761 Forward Firewall: added OVPNBLOCK and fixed rules.pl to correctly get ip address of red iface 2013-08-09 14:15:28 +02:00
Alexander Marx
05d4f131e9 Forward Firewall: Implemented INPUT Firewall (extended external access) 
Now you are able to define INPUT Rules on every interface ip
 2013-08-09 14:15:27 +02:00
Alexander Marx
4682d02723 Forward Firewall: extended the customservices list 2013-08-09 14:13:12 +02:00
Alexander Marx
cb61489891 Forward Firewall: restored old settings in graphs.pl. With new Monofont the columnsize is ok now 2013-08-09 14:13:11 +02:00
Alexander Marx
6fab5bca2a Forward Firewall: edited rules.pl so that in the rules the ip addresses from the remote ovpn N2N subnet are used instead of the openvpn subnet(because its only used as transfer net) 2013-08-09 14:13:11 +02:00
Alexander Marx
aff15defbc Forward Firewall: rules for collectd now in firewall-policy instead of /etc/init.d/firewall 2013-08-09 14:13:10 +02:00
Alexander Marx
53f4c74d9b Forward Firewall: some changes in firewall script to make collectd work 2013-08-09 14:13:10 +02:00
Alexander Marx
9468a6f713 Forward Firewall: Firewall Hits graph now with stacked values 2013-08-09 14:13:10 +02:00
Alexander Marx
be9be7cb5b Forward Firewall: enabled /var/ipfire/optionsfw/settings in configroot 2013-08-09 14:13:10 +02:00
Alexander Marx
94ea1f0346 Forward Firewall: fixed firewall hits statistik and extended it to show input,output,forward,newnotsyn and portscan seperately. 2013-08-09 14:13:10 +02:00
Alexander Marx
6f348fcb9d Forward Firewall: edited include file of backup. 2013-08-09 14:13:07 +02:00
Alexander Marx
08e1c65d85 Forward Firewall: added SNAT multiport support 2013-08-09 14:12:40 +02:00
Alexander Marx
98cee89f94 Forward Firewall: Added multiport support to DNAT/Portforwarding 
Now it is possible to use multiple ports under DNAT when TARGET has no Port, one Port or one Portrange defined
 2013-08-09 14:12:39 +02:00
Alexander Marx
bc912c6e0c Forward Firewall: Version 0.9.9.2 
1) Some changes in en.pl
2) DNAT now supports REJECT/DROP rules
3) Bugfix: comma in remark customservicegroup
4) improved installer
 2013-08-09 14:12:39 +02:00
Alexander Marx
e09884e04f Forward Firewall: some fixes: 
1) Counter was not correctly decreased when deleting a network from a customgroup
2) Convert-outgoingfw improved
3) Backup didn't set filepermissions correctly
 2013-08-09 14:12:39 +02:00
Alexander Marx
f7e649ddfb Forward Firewall: some typos in dmz-converter 2013-08-09 14:12:39 +02:00
Alexander Marx
a60dbb4b6a Forward Firewall: added dmz-converter. 
Also extended backup.pl script to support old backups. Now it is possible to restore old backups into new firewall. On restore, all config files of new firewall will be destroyed and the 4 converters will recreate them.
 2013-08-09 14:12:37 +02:00
Alexander Marx
829697d076 Forward Firewall: enabled Portranges for DNAT 2013-08-09 14:11:58 +02:00
Alexander Marx
6be32fe504 Forward Firewall: bugfix: DNAT now correctly creates rules, when customservice defined as target 2013-08-09 14:11:58 +02:00
Alexander Marx
28640b7365 Forward Firewall: fix NAT-rules: iptables rule was not applied correctly in PORTFWACCESS 2013-08-09 14:11:58 +02:00
Alexander Marx
fb61ec6715 Forward Firewall: Bugfix: blue was allowed to connect to everywhere if forward firewall was open 2013-08-09 14:11:57 +02:00
Alexander Marx
8343fd1250 Forward Firewall: Fix converter-outgoingfw. Produced wrong counters while converting 2013-08-09 14:11:57 +02:00
Alexander Marx
54d6863787 Forward Firewall: fixed converter bug: Remark is "0" and Alias ip is taken as ip instead of name 2013-08-09 14:11:57 +02:00
Alexander Marx
6b681c40d2 Forward Firewall: 0.9.8.7 Implemented SNAT/DNAT 
reorganized firewall chains
 2013-08-09 14:11:57 +02:00
Alexander Marx
93b75f31ad Forward Firewall: clean up some files 
Fix iptables loop wirelessctrl
Fix firewall chain order
Fix policies (added comment for statistic)
 2013-08-09 14:11:56 +02:00
Alexander Marx
6397b6e789 Forward Firewall: deleted portfw from buildsystem 2013-08-09 14:11:56 +02:00
Alexander Marx
e800ca53b2 Forward Firewall: delete old Portforwarding from Firewall-menu 2013-08-09 14:11:56 +02:00
Alexander Marx
9efd8d1c7e Forward Firewall: delete old portforwarding from system and fix for wlan-firewall part 1 (loop) 2013-08-09 14:11:56 +02:00
Alexander Marx
a6edca5a89 Forward Firewall: support for SNAT/DNAT in GUI and rules.pl 2013-08-09 14:11:56 +02:00
Alexander Marx
ddcec9d339 Forward Firewall: Firewall sets Internetdevice correctly now (was always red0) 2013-08-09 14:11:56 +02:00
Alexander Marx
f2ab6fba4a Forward Firewall: 
1) Custom Hosts: now 17 chars can be entered into IP/MAC field
2) Forwardfw: Bugfix: When no alias is set and IPFIRE is selected as target, no target address is recognised
3) Forwardfw: Now source and Target addressfield (manual) are set to 17 chars maxlegth.
4) Converter: Bugfix: When starting converter from commandline, all hosts are entered into groups again.
 2013-08-09 14:11:56 +02:00
Alexander Marx
05612a544b Forward Firewall: fix converter for outgoingfw. remarkfield (new) was not implemented here 
fwhosts: Some layout changes in tables (cellspacing='0')
 2013-08-09 14:11:55 +02:00
Alexander Marx
d58677779f Forward Firewall: forgot to delete devel-comment 2013-08-09 14:11:55 +02:00
Alexander Marx
fccf52cf7e Forward Firewall: fixed a bug in convert-outgoingfw. THe hosts are created with wrong amount of fields in hasharray. 
Also fixed a bug which sets wrong firewall mode for FORWARD when outgoing rules are used.
 2013-08-09 14:11:55 +02:00
Alexander Marx
472136c927 Forward Firewall: Fix ruletimes. Now the timevalues which are entered in the gui are saved to the rulefile. 
Wenn rule.pl is called, the script calculates the difference to UTC time and sets the iptables times accordingly.

With this approach there's no need to save if the times are created in summertime or wintertime.
 2013-08-09 14:11:55 +02:00
Alexander Marx
ef6f983b17 Forward Firewall: put rule OUTGOING ACCEPT Related, established into /etc/init.d/firewall 
deleted ACCEPT OUTGOINGFW related,established from POLICYOUT
 2013-08-09 14:11:55 +02:00
Alexander Marx
a0f267b92c Forward Firewall: removed --kerneltz from rules.pl. New function timeconvert in forwardfw.cgiu takes care of timeconversion now 2013-08-09 14:11:55 +02:00
Alexander Marx
f38e0c4de0 Forward Firewall: added --kerneltz option to timeframe 2013-08-09 14:11:54 +02:00
Alexander Marx
8cb1afc817 Forward Firewall: Bugfix: When having more than 1 ICMP rule in a group, the rule is not created. 
Also changed (INPUT) to (Input) in firewall-options
 2013-08-09 14:11:54 +02:00
Alexander Marx
d47bb8a1ad Forward Firewall: Added Firewall-Options for INPUT Policy (DROP/REJECT) and built a new INPUT-POLICY in firewall-policy. 2013-08-09 14:11:09 +02:00
Alexander Marx
223d3b1dca Forward Firewall: chnaged "Internet" to "INTERNET" in dropdown (Target) 2013-08-09 14:09:17 +02:00
Alexander Marx
a615cab30e Forward Firewall: reordered Firewall Menu and changed header.pl to reflect the new menuposition for Blue Access 2013-08-09 14:09:17 +02:00
Alexander Marx
88f18201c7 Forward Firewall: changed menu to show access to blue correctly 2013-08-09 14:09:16 +02:00