webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 19:15:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,001 Commits 2 Branches 1 Tag
f880f8a22528ff0e896eb2a3e1bfdaa676493966
Commit Graph

1184 Commits

Author SHA1 Message Date
Michael Tremer
63e3da5935 vpnmain.cgi: Re-design algorithm selection. 2014-01-05 02:19:06 +01:00
Michael Tremer
22fc183e08 IPsec: Add MODP-2048 subgroups. 2014-01-05 01:34:40 +01:00
Michael Tremer
651d442ecf IPsec: Add Brainpool elliptic curves. 2014-01-05 01:27:53 +01:00
Michael Tremer
d72a820484 IPsec: Add Camellia cipher for IKE and ESP. 2014-01-05 01:11:10 +01:00
Michael Tremer
b7d9509c3a openvpn: Use AES-256-CBC as default cipher. 
Applies to new installations, only.
 2014-01-04 17:20:15 +01:00
Arne Fitzenreiter
ba263fbbb9 Merge remote-tracking branch 'origin/next' into fifteen 2013-12-30 13:45:10 +01:00
Michael Tremer
1d0a260a8b openvpn: Move verify script out of configuration directory. 2013-12-29 21:13:55 +01:00
Alexander Marx
632e0a3e5e Firewall: added amarx to credits.cgi 2013-12-23 15:16:59 +01:00
Alexander Marx
3c037075d0 Firewall: when DNAT external port is given and dest port is empty, theres now an errormessage displayed 2013-12-20 13:04:56 +01:00
Alexander Marx
a8b113e73d Firewall: Now servicegroups and networkgroups can be renamed 2013-12-20 12:10:35 +01:00
Alexander Marx
5f037986b7 Firewall: added JS to automatically select radiobuttons in fwhosts 2013-12-20 12:10:03 +01:00
Alexander Marx
484269ceac FIrewall: Rewrote complete counters for firewall-groups (hosts,networks, network-groups) 2013-12-20 12:09:52 +01:00
Alexander Marx
ce2dbe92ce Firewall: Bugfix - When editing a DNAT rule and setting prot to "all" the port from previus rule was not resettet 2013-12-20 12:08:43 +01:00
Alexander Marx
3a162dc14f Firewall: rebuild complete counter procedure in firewall-groups. This way the counters are on the fly generated and stable. also this is a prequisite to the new option that firewall-servicegroups can be rolled out by installation 2013-12-10 12:21:48 +01:00
Alexander Marx
fe2bae3b74 Firewall: Fix BETA8 - It was not possible to delete single services from servicegroups 2013-12-09 09:33:21 +01:00
Alexander Marx
82b837cff8 Firewall: Added new feature: Now protocols can be added to servicegroups (GRE,AH,ESP,IPIP,IPV6) 2013-12-06 08:47:11 +01:00
Alexander Marx
0c733ab750 Firewall: Bugfix: Fixed wrong language strings in outgoing FW rules when using std networks or ipfire 2013-12-05 15:16:19 +01:00
Alexander Marx
2be048cedc Firewall: FIxed wrong language strings in outgoing Firewall 2013-12-05 15:16:02 +01:00
Alexander Marx
5558ca2a96 Firewall: fixes commit http://git.ipfire.org/?p=people/amarx/ipfire-2.x.git;a=commitdiff;h=1ed4b214d785ad0538b0a864f43babccd55475b1 
Conflicts:
	html/cgi-bin/firewall.cgi
 2013-12-05 15:12:37 +01:00
Arne Fitzenreiter
0037264780 Merge branch 'next' into fifteen 
Conflicts:
	doc/language_issues.tr
 2013-11-30 12:45:31 +01:00
Michael Tremer
4f160f04cb proxy: Set number of file descriptors much higher. 
Some users are hitting the 65k limit regularly, so
we set the limit to a much higher number.
 2013-11-21 21:36:02 +01:00
Alexander Marx
35ca8e0203 Firewall: Bugfix: Last rule for outgoing showed wrong color, Bugfix:When using a rule with sourceport and afterwards editing this rule to use service or servicegroup, there was an errormessage. 2013-11-21 21:09:22 +01:00
Alexander Marx
7db6ad6acb Firewall: appended check of maximum ports per protocol. portranges 100:200 count as 2 ports 2013-11-13 00:34:08 +01:00
Alexander Marx
49192c7b31 Firewall: The maximum of definable services in a servicegroup is limited to 13 per protocol (tcp,udp) because iptables can only handle max 13 services in Multiport 2013-11-13 00:33:46 +01:00
Alexander Marx
a15f7d0dd5 Firewall: Bugfix: the routine to check if a vpn net or host was deleted did not work as expected. Now it even works when source and target contain a vpn host or net 2013-11-13 00:29:44 +01:00
Alexander Marx
d8afe3e2c0 Firewall: fixed colors of target column when using standard networks 
When using RED, OpenVPN-Dyn or IPsec RW as target, the column was not
colored.
 2013-11-13 00:29:21 +01:00
Michael Tremer
d3527a38c1 Multiple CGI files: Check if BLUE or ORANGE are actually configured. 2013-11-08 14:32:08 +01:00
Alexander Marx
f8cbcb7c8a Firewall: Bugfix: When creating a servcie in firewall-groups and selecting a protocol other than icmp, the enty in the ruletable shows correct values PLUS the "all icmp-types" under ICMP. 
Now the ICMP FIeld is emtpy when selecting another protocol than icmp
 2013-11-08 13:41:06 +01:00
Alexander Marx
7b82bee7c4 Firewall: Bugfix: When creating a rule and using brackets in comment, the rule is denied because of invalid characters in String. But when creating a rule with just valid characters (witjout brackets) and then editing the rule it is possible to use brackets without errormessage. 
Now brackets are allowed.
 2013-11-08 13:40:45 +01:00
Michael Tremer
cb92b363cf Merge remote-tracking branch 'amarx/firewall-fifteen' into fifteen 2013-10-31 15:35:34 +01:00
Michael Tremer
12b901f846 firewall: Fix wrong symbol for variable. 2013-10-31 15:34:40 +01:00
Alexander Marx
11ab2c7d9a Firewall: added IP-Address to dropdown in DNAT part and now all ip-addresses are in brackets 2013-10-30 15:49:21 +01:00
Alexander Marx
68f6312ac5 Firewall: Show IP-Adresses in NAT-Source dropdown 2013-10-30 13:41:33 +01:00
Michael Tremer
c03d4a5e8a firewall: Simplify code which shows the last rule. 
Also change headings of the rule sections.
 2013-10-29 18:45:40 +01:00
Michael Tremer
bee56a2d5d firewall: NAT section: Don't show irrelevant controls. 2013-10-29 16:57:58 +01:00
Michael Tremer
2a6e9ae967 Merge remote-tracking branch 'amarx/firewall-fifteen' into fifteen 2013-10-29 16:23:35 +01:00
Michael Tremer
e9a0562345 P2P block: Add notice that the user will reload the firewall ruleset. 2013-10-29 16:22:13 +01:00
Alexander Marx
daf400fa4d Firewall: fixed untranslated Strings 2013-10-29 08:34:42 +01:00
Michael Tremer
85860aff26 firewall: Fix rendering issue of the rule table. 2013-10-28 20:35:36 +01:00
Michael Tremer
901aa8b943 firewall: Fix layout of protocol selection. 2013-10-25 11:40:06 +02:00
Alexander Marx
39e360b26c Firewall: added missing translation for short IPv6 protcol in ruletable 2013-10-24 16:24:45 +02:00
Alexander Marx
9c89c64de1 Firewall: rename Protocol 41 in Dropdown and ruletable ->Now "IPv6 Encapsulation (protocol 41)" in dropdown and "IPv6 Encap" in ruletable 2013-10-24 16:04:26 +02:00
Alexander Marx
8039a71099 Firewall: renamed forwardfwctrl to firewallctrl 2013-10-24 09:42:42 +02:00
Alexander Marx
6d8eb5dec7 Firewall: Renamed directory /var/ipfire/forward to /var/ipfire/firewall 2013-10-24 09:24:12 +02:00
Alexander Marx
11760a7075 Firewall: Added protocols IPv6 (41) and IPIP (94) 2013-10-24 07:59:42 +02:00
Alexander Marx
b161bfa868 FIREWALL: renamed forwardfw.cgi in firewall.cgi 2013-10-23 16:32:26 +02:00
Alexander Marx
8cdfbf5aeb Firewall: Make it possible to use NAT without Ports specified 2013-10-23 16:30:17 +02:00
Michael Tremer
989d0fd717 firewall: Straighten the format of the rule table. 
Lots of markup and code cleanup.
 2013-10-22 20:21:33 +02:00
Michael Tremer
4a75efa5a7 p2p-block.cgi: Fix coding style. 2013-10-22 19:08:35 +02:00
Michael Tremer
0e43079789 firewall: Cleanup rules reloading. 
This has been messed up a lot because there were multiple
files which indicated that a reload is needed; shell commands
were used to create and remove the indicator file; some
functions were duplicated.
 2013-10-22 18:53:48 +02:00