CVS log for scripts/shell/firewall/fw-universal.sh
![[BACK]](http://cvsweb.platon.sk/icons/back.gif) Up to [Platon] / scripts / shell / firewall
Request diff between arbitrary revisions
Default branch: MAIN
Revision 2.92 / (download) - [select for diffs], Tue Oct 30 16:08:52 2012 UTC (6 months, 3 weeks ago) by rajo
Changes since 2.91: +20 -20 lines
Diff to previous 2.91 (colored)
Fixed warning: The state match is obsolete. Use conntrack instead.
Revision 2.91 / (download) - [select for diffs], Tue Feb 14 22:52:12 2012 UTC (15 months, 1 week ago) by rajo
Changes since 2.90: +3 -1 lines
Diff to previous 2.90 (colored)
Start with new firewalling rules after blocking some subnet.
Revision 2.90 / (download) - [select for diffs], Sat Feb 11 19:38:51 2012 UTC (15 months, 1 week ago) by rajo
Changes since 2.89: +15 -12 lines
Diff to previous 2.89 (colored)
Cosmetic changes.
Revision 2.89 / (download) - [select for diffs], Sat Feb 11 19:06:20 2012 UTC (15 months, 1 week ago) by rajo
Changes since 2.88: +5 -2 lines
Diff to previous 2.88 (colored)
IP tables can be configured.
Revision 2.88 / (download) - [select for diffs], Sat Feb 11 18:59:55 2012 UTC (15 months, 1 week ago) by rajo
Changes since 2.87: +33 -9 lines
Diff to previous 2.87 (colored)
Implemented remote update function.
deploy-block is not backward compatible, update to latest version.
Revision 2.87 / (download) - [select for diffs], Fri Feb 10 23:01:58 2012 UTC (15 months, 1 week ago) by rajo
Changes since 2.86: +74 -8 lines
Diff to previous 2.86 (colored)
* Commited lost revision 2.87 (server migration)
* Added "update" and "deploy-update" commands, can be customized with
variable $UPDATE_SCRIPT.
Revision 2.86 / (download) - [select for diffs], Sat Dec 10 19:46:02 2011 UTC (17 months, 1 week ago) by nepto
Changes since 2.85: +3 -1 lines
Diff to previous 2.85 (colored)
Added newline every 5 entries in Accepting INPUT TCP
Revision 2.85 / (download) - [select for diffs], Sat Dec 3 19:28:30 2011 UTC (17 months, 2 weeks ago) by rajo
Changes since 2.84: +28 -36 lines
Diff to previous 2.84 (colored)
Shell variables should be quoted.
Revision 2.84 / (download) - [select for diffs], Fri Nov 18 23:58:33 2011 UTC (18 months ago) by rajo
Changes since 2.83: +33 -5 lines
Diff to previous 2.83 (colored)
Fix: multiport support for drop rules
Revision 2.83 / (download) - [select for diffs], Fri Nov 18 23:49:00 2011 UTC (18 months ago) by rajo
Changes since 2.82: +3 -3 lines
Diff to previous 2.82 (colored)
Fix: bash integer expression expected
Revision 2.82 / (download) - [select for diffs], Fri Nov 18 23:26:18 2011 UTC (18 months ago) by rajo
Changes since 2.81: +73 -17 lines
Diff to previous 2.81 (colored)
Optimization: ports can be separated by comma: single rule with -m multiport --dports
22,80,443 is then generated instead of multiple rules.
Revision 2.81 / (download) - [select for diffs], Mon Oct 3 17:42:56 2011 UTC (19 months, 2 weeks ago) by nepto
Changes since 2.80: +2 -2 lines
Diff to previous 2.80 (colored)
Fixed broken MD5 key creation in load_cache()
Revision 2.80 / (download) - [select for diffs], Mon Oct 3 17:33:52 2011 UTC (19 months, 2 weeks ago) by nepto
Changes since 2.79: +19 -3 lines
Diff to previous 2.79 (colored)
Better creation of $config variable in load_cache()
Revision 2.79 / (download) - [select for diffs], Wed Jul 20 19:05:12 2011 UTC (22 months ago) by nepto
Changes since 2.78: +82 -23 lines
Diff to previous 2.78 (colored)
Implemented XEN_MODE
Revision 2.78 / (download) - [select for diffs], Thu Jul 14 13:13:22 2011 UTC (22 months, 1 week ago) by nepto
Changes since 2.77: +5 -1 lines
Diff to previous 2.77 (colored)
Created XEN_MODE: if initialized, default policy for FORWARD is ACCEPT
Revision 2.77 / (download) - [select for diffs], Mon Jan 24 20:26:04 2011 UTC (2 years, 3 months ago) by rajo
Changes since 2.76: +79 -18 lines
Diff to previous 2.76 (colored)
* Commited some older work - fixes related to DHCP requests and Windows
* Added LSB fields into header. See Dependency based boot sequence
http://wiki.debian.org/LSBInitScripts/DependencyBasedBoot
* Implemented NAT_FORWARD_TCP_HOSTS NAT_FORWARD_UDP_HOSTS (all packets
to this hosts are permitted from local network behind NAT)
* Implemented NAT_FORWARD_TCP_CLIENTS NAT_FORWARD_UDP_CLIENTS (all
packets from client behind NAT are permitted)
* Commited some older work - fixes related to DHCP requests and MS
Windows traffic
I'm sorry for this "multicommit".
Revision 2.76 / (download) - [select for diffs], Sun Jan 16 12:18:14 2011 UTC (2 years, 4 months ago) by nepto
Changes since 2.75: +15 -2 lines
Diff to previous 2.75 (colored)
Added Debian LSB tags
Revision 2.75 / (download) - [select for diffs], Fri Oct 22 12:20:42 2010 UTC (2 years, 7 months ago) by nepto
Changes since 2.74: +4 -4 lines
Diff to previous 2.74 (colored)
Use "print_info" instead of "echo" in custom_rules()
Revision 2.74 / (download) - [select for diffs], Sun Aug 8 23:34:25 2010 UTC (2 years, 9 months ago) by nepto
Changes since 2.73: +29 -1 lines
Diff to previous 2.73 (colored)
Custom rules implemented
Revision 2.73 / (download) - [select for diffs], Mon Jun 21 21:52:16 2010 UTC (2 years, 11 months ago) by nepto
Changes since 2.72: +2 -2 lines
Diff to previous 2.72 (colored)
Shell must be bash, since dash is not working well
Revision 2.72 / (download) - [select for diffs], Wed Jun 9 11:29:14 2010 UTC (2 years, 11 months ago) by nepto
Changes since 2.71: +2 -2 lines
Diff to previous 2.71 (colored)
Fixed udp vs tcp typo
Revision 2.71 / (download) - [select for diffs], Fri Nov 6 23:14:36 2009 UTC (3 years, 6 months ago) by nepto
Changes since 2.70: +64 -2 lines
Diff to previous 2.70 (colored)
Implemented REAL_DROP_INPUT_TCP/UDP, REAL_REJECT_INPUT_TCP/UDP and
REAL_ACCEPT_INPUT_TCP/UDP configuration options as an alternatives
for ALL_*_INPUT_TCP/UDP which work for real interfaces only.
New REAL_*_INPUT_TCP/UDP options works for yet non-existent interfaces
as well, what could be useful for an IP failover in HA clustering.
Revision 2.70 / (download) - [select for diffs], Wed Jul 1 12:28:07 2009 UTC (3 years, 10 months ago) by nepto
Changes since 2.69: +2 -2 lines
Diff to previous 2.69 (colored)
Updated copyright info
Revision 2.69 / (download) - [select for diffs], Wed Jul 1 12:23:11 2009 UTC (3 years, 10 months ago) by nepto
Changes since 2.68: +2 -2 lines
Diff to previous 2.68 (colored)
Return sorted list of interfaces
Revision 2.68 / (download) - [select for diffs], Wed Mar 4 22:51:42 2009 UTC (4 years, 2 months ago) by nepto
Changes since 2.67: +17 -3 lines
Diff to previous 2.67 (colored)
Implemented IP-ADDRESS:ALL for enabling traffic to ALL ports from
certain IP address
Revision 2.67 / (download) - [select for diffs], Wed Feb 11 22:55:41 2009 UTC (4 years, 3 months ago) by rajo
Changes since 2.66: +6 -3 lines
Diff to previous 2.66 (colored)
Fix: 96.0.0.0/4 is not reseverd network by IANA anymore - there is a part od Comcast network. Thanks to Tony <sailorcto AT gmail.com>.
Revision 2.66 / (download) - [select for diffs], Fri Feb 6 23:13:38 2009 UTC (4 years, 3 months ago) by rajo
Changes since 2.65: +13 -5 lines
Diff to previous 2.65 (colored)
NAT: IP alias can be forwarded to machine in local network.
Revision 2.65 / (download) - [select for diffs], Fri Feb 6 00:43:12 2009 UTC (4 years, 3 months ago) by rajo
Changes since 2.64: +2 -2 lines
Diff to previous 2.64 (colored)
Debug disabled.
Revision 2.64 / (download) - [select for diffs], Fri Feb 6 00:38:56 2009 UTC (4 years, 3 months ago) by rajo
Changes since 2.63: +71 -61 lines
Diff to previous 2.63 (colored)
IPtables rules can be defined per IP address alias (eth0:0, eth0:1,
...), not per IP of interface (eth0). This enhances rules granularity,
because interface eth0:0 can have different rules than eth0:1.
Revision 2.63 / (download) - [select for diffs], Sat Jan 17 01:37:08 2009 UTC (4 years, 4 months ago) by rajo
Changes since 2.62: +6 -6 lines
Diff to previous 2.62 (colored)
Fix: fixed check_tools() (see previus patch - I'm a little bit drunk and tired)
Revision 2.62 / (download) - [select for diffs], Sat Jan 17 01:31:26 2009 UTC (4 years, 4 months ago) by rajo
Changes since 2.61: +31 -21 lines
Diff to previous 2.61 (colored)
Added dependency checks.
Revision 2.61 / (download) - [select for diffs], Sat Jan 17 01:16:43 2009 UTC (4 years, 4 months ago) by rajo
Changes since 2.60: +3 -2 lines
Diff to previous 2.60 (colored)
Continue with rules setting when loading from cache fails.
Revision 2.60 / (download) - [select for diffs], Sat Jan 17 01:09:03 2009 UTC (4 years, 4 months ago) by nepto
Changes since 2.59: +25 -4 lines
Diff to previous 2.59 (colored)
More pretty output with nice string padding
Revision 2.59 / (download) - [select for diffs], Mon Apr 14 18:04:31 2008 UTC (5 years, 1 month ago) by rajo
Changes since 2.58: +7 -2 lines
Diff to previous 2.58 (colored)
Fix: restore shaping rules when loading cache.
Revision 2.58 / (download) - [select for diffs], Sun Apr 13 19:27:00 2008 UTC (5 years, 1 month ago) by rajo
Changes since 2.57: +78 -1 lines
Diff to previous 2.57 (colored)
New feature: experimental support for shaping.
Revision 2.57 / (download) - [select for diffs], Sat Feb 2 22:57:54 2008 UTC (5 years, 3 months ago) by rajo
Changes since 2.56: +11 -11 lines
Diff to previous 2.56 (colored)
* Fix: use tcp-reset instead of default icmp-port-unreachable, because
icmp-port-unreachable is filtered by some firewalls
* --reject-with is configurable by REJECT_WITH variable
Revision 2.56 / (download) - [select for diffs], Sun Jan 27 13:36:02 2008 UTC (5 years, 3 months ago) by rajo
Changes since 2.55: +2 -2 lines
Diff to previous 2.55 (colored)
Fix: print_info(): handle spaces in arguments correctly.
Revision 2.55 / (download) - [select for diffs], Thu Jan 17 22:12:34 2008 UTC (5 years, 4 months ago) by rajo
Changes since 2.54: +3 -3 lines
Diff to previous 2.54 (colored)
Fix: fixed blocking on local machine. Be quiet in deploy-block mode.
Revision 2.54 / (download) - [select for diffs], Thu Jan 17 21:47:44 2008 UTC (5 years, 4 months ago) by rajo
Changes since 2.53: +2 -2 lines
Diff to previous 2.53 (colored)
Fix: be silent when run in blocking mode.
Revision 2.53 / (download) - [select for diffs], Thu Jan 17 21:44:30 2008 UTC (5 years, 4 months ago) by rajo
Changes since 2.52: +153 -139 lines
Diff to previous 2.52 (colored)
Silent mode supported.
Revision 2.52 / (download) - [select for diffs], Wed Jan 16 23:45:08 2008 UTC (5 years, 4 months ago) by rajo
Changes since 2.51: +71 -4 lines
Diff to previous 2.51 (colored)
New feature: block IP's with ONE command on all managed servers (simple
distributed firewalling)
WARNING:
WARNING: USE WITH CARE! You can cut-off your connection!
WARNING:
Usage:
/etc/init.d/firewall deploy-block 1.2.3.4/32
- /etc/default/firewall.d/deploy-servers.list - list of managed servers
- /etc/default/firewall.d/BANNED_IP.conf - list of blockes IP's and/or networks
Revision 2.51 / (download) - [select for diffs], Wed Dec 12 23:30:10 2007 UTC (5 years, 5 months ago) by rajo
Changes since 2.50: +76 -3 lines
Diff to previous 2.50 (colored)
New feature: added options
$ALL_REJECT_INPUT_TCP
$ALL_REJECT_INPUT_UDP
$eth0_REJECT_INPUT_TCP
$eth0_REJECT_INPUT_UDP
Revision 2.50 / (download) - [select for diffs], Wed Aug 29 14:43:55 2007 UTC (5 years, 8 months ago) by rajo
Changes since 2.49: +74 -49 lines
Diff to previous 2.49 (colored)
awk ifconfig parser replaced by perl parser: fixed problem with old GNU awk (3.1.4, Debian sarge).
Revision 2.49 / (download) - [select for diffs], Wed Oct 4 09:23:25 2006 UTC (6 years, 7 months ago) by rajo
Changes since 2.48: +3 -9 lines
Diff to previous 2.48 (colored)
Fix: if we drop something, destination IP address doesn't matter.
Revision 2.48 / (download) - [select for diffs], Sat Sep 30 21:55:28 2006 UTC (6 years, 7 months ago) by rajo
Changes since 2.47: +33 -9 lines
Diff to previous 2.47 (colored)
New feature: ability to limit connection to ports only from some IPs.
Revision 2.47 / (download) - [select for diffs], Sun Sep 24 16:17:10 2006 UTC (6 years, 8 months ago) by rajo
Changes since 2.46: +26 -0 lines
Diff to previous 2.46 (colored)
New feature: some packets can be dropped and they doesn't appear in log file.
Revision 2.46 / (download) - [select for diffs], Wed Aug 9 16:38:54 2006 UTC (6 years, 9 months ago) by rajo
Changes since 2.45: +1 -1 lines
Diff to previous 2.45 (colored)
Syn-flood protection turned off. Not usable for hi-loaded webservers.
Revision 2.45 / (download) - [select for diffs], Wed Aug 9 16:38:13 2006 UTC (6 years, 9 months ago) by rajo
Changes since 2.44: +1 -1 lines
Diff to previous 2.44 (colored)
Rules in cache depends also on source code of firewalling script.
Revision 2.44 / (download) - [select for diffs], Wed Aug 9 14:12:05 2006 UTC (6 years, 9 months ago) by rajo
Changes since 2.43: +1 -1 lines
Diff to previous 2.43 (colored)
DLINK DSL-360T note.
Revision 2.43 / (download) - [select for diffs], Wed Aug 9 11:41:13 2006 UTC (6 years, 9 months ago) by rajo
Changes since 2.42: +15 -0 lines
Diff to previous 2.42 (colored)
Added place for special rules.
Revision 2.42 / (download) - [select for diffs], Sun Mar 12 22:23:40 2006 UTC (7 years, 2 months ago) by rajo
Changes since 2.41: +5 -3
lines
Diff to previous 2.41 (colored)
Feature: changed behaviour of $NAT_SET_TTL - you can specify exact value of TTL.
Revision 2.41 / (download) - [select for diffs], Sat Mar 4 02:43:23 2006 UTC (7 years, 2 months ago) by rajo
Changes since 2.40: +1 -1
lines
Diff to previous 2.40 (colored)
Optimalization: RELATED,ESTABLISHED packets are accepted first - maybe quickes match of rules.
Revision 2.40 / (download) - [select for diffs], Sat Mar 4 02:09:52 2006 UTC (7 years, 2 months ago) by rajo
Changes since 2.39: +8 -0
lines
Diff to previous 2.39 (colored)
New feature: hide NAT clients behind firewall: - set TTL
Revision 2.39 / (download) - [select for diffs], Tue Feb 28 17:50:00 2006 UTC (7 years, 2 months ago) by rajo
Changes since 2.38: +8 -6
lines
Diff to previous 2.38 (colored)
Fix: fixed usage of awk (replaced with $AWK macro.
Fix: added note about bug in gawk: try to upgrade gawk (3.1.4-2.0.1 =>
3.1.5-1) if you experience problems with parser of ifconfig output.
Revision 2.38 / (download) - [select for diffs], Sun Jan 15 15:07:45 2006 UTC (7 years, 4 months ago) by rajo
Changes since 2.37: +4 -4
lines
Diff to previous 2.37 (colored)
Fix: fixed bug introduced in 2.36
Revision 2.37 / (download) - [select for diffs], Fri Jan 13 18:32:36 2006 UTC (7 years, 4 months ago) by rajo
Changes since 2.36: +34 -0
lines
Diff to previous 2.36 (colored)
New feature: some bad clients can be redirected from standard service port to closed port or service with another content.
Revision 2.36 / (download) - [select for diffs], Thu Jan 12 20:05:34 2006 UTC (7 years, 4 months ago) by rajo
Changes since 2.35: +94 -51
lines
Diff to previous 2.35 (colored)
New feature: multiple IP addresses(aliases) are determined for each interface and rules are generated for each IP address.
Revision 2.35 / (download) - [select for diffs], Tue Jan 10 01:33:26 2006 UTC (7 years, 4 months ago) by rajo
Changes since 2.34: +10 -0
lines
Diff to previous 2.34 (colored)
Traffic on redirected ports is taken into account for this client.
Revision 2.34 / (download) - [select for diffs], Tue Jan 10 01:01:59 2006 UTC (7 years, 4 months ago) by rajo
Changes since 2.33: +1 -1
lines
Diff to previous 2.33 (colored)
Fix: eth0 iterface name was used instead of variable $NAT_LAN_IFACE. Not buggy for default configuration.
Revision 2.33 / (download) - [select for diffs], Mon Jan 9 23:24:45 2006 UTC (7 years, 4 months ago) by rajo
Changes since 2.32: +16 -9
lines
Diff to previous 2.32 (colored)
Added support for IP accountig statistics: http://www.atout.be/zorbiptrafficlive/zorbiptraffic.php
Revision 2.32 / (download) - [select for diffs], Mon Jan 9 00:52:06 2006 UTC (7 years, 4 months ago) by rajo
Changes since 2.31: +32 -1
lines
Diff to previous 2.31 (colored)
Experimental IP accounting support.
Revision 2.31 / (download) - [select for diffs], Thu Jan 5 18:14:57 2006 UTC (7 years, 4 months ago) by rajo
Changes since 2.30: +10 -5
lines
Diff to previous 2.30 (colored)
Log new connections only for TCP and UDP protocols only by default.
Revision 2.30 / (download) - [select for diffs], Tue Nov 1 00:36:24 2005 UTC (7 years, 6 months ago) by rajo
Changes since 2.29: +1 -2
lines
Diff to previous 2.29 (colored)
Cleanup.
Revision 2.29 / (download) - [select for diffs], Tue Nov 1 00:12:49 2005 UTC (7 years, 6 months ago) by rajo
Changes since 2.28: +10 -4
lines
Diff to previous 2.28 (colored)
Fix: fixed bug with IP packet forwarding - we need to turn on packet forwarding explicitely, if rules are loaded from cache. Thanks to M. Palenik for bug report.
Revision 2.28 / (download) - [select for diffs], Sun Oct 9 21:11:08 2005 UTC (7 years, 7 months ago) by rajo
Changes since 2.27: +7 -1
lines
Diff to previous 2.27 (colored)
Fix: drop packets from $NAT_CLIENT_DROP also in INPUT chain, not only for FORWARD chain.
Revision 2.27 / (download) - [select for diffs], Thu Aug 4 19:39:11 2005 UTC (7 years, 9 months ago) by rajo
Changes since 2.26: +38 -5
lines
Diff to previous 2.26 (colored)
Generated rules can be cached and stored into file. Loading rules from cache file is more quickly.
Revision 2.26 / (download) - [select for diffs], Wed Jun 29 16:16:46 2005 UTC (7 years, 10 months ago) by rajo
Changes since 2.25: +30 -14
lines
Diff to previous 2.25 (colored)
* Modules loading and unloading can be better configured
* './fw-universal.sh stop' doesn't remove all rules: ESTABLISHED,
RELATED packets are accepted
* All rules can be removed with './fw-universal.sh really-off'
Revision 2.25 / (download) - [select for diffs], Wed Jun 29 15:24:04 2005 UTC (7 years, 10 months ago) by rajo
Changes since 2.24: +52 -41
lines
Diff to previous 2.24 (colored)
* Logging via syslog can be turned off (default is on).
* Variable DEFAULT_CONFIG renamed to DEFAULT_FIREWALL_CONFIG.
* Fixed usage() message.
Revision 2.24 / (download) - [select for diffs], Mon Apr 18 22:49:30 2005 UTC (8 years, 1 month ago) by rajo
Changes since 2.23: +16 -1
lines
Diff to previous 2.23 (colored)
Explicitely turn off packet forwarding
Revision 2.23 / (download) - [select for diffs], Fri Apr 15 22:07:18 2005 UTC (8 years, 1 month ago) by rajo
Changes since 2.22: +5 -1
lines
Diff to previous 2.22 (colored)
Explicitly enable packet forwarding.
Revision 2.22 / (download) - [select for diffs], Wed Mar 16 13:53:36 2005 UTC (8 years, 2 months ago) by rajo
Changes since 2.21: +25 -1
lines
Diff to previous 2.21 (colored)
* New Feature: bann IP address
This feature has been developed for following reason:
UbiCrawler spam our website with many requests (they are duplicit requests of the same page!)
And this web robot doesn't accept HTTP META tags (http://www.robotstxt.org/wc/faq.html#extension)
User Agent: "UbiCrawler/v0.4beta (http://ubi.iit.cnr.it/projects/ubicrawler/)"
Revision 2.21 / (download) - [select for diffs], Sun Mar 6 19:18:04 2005 UTC (8 years, 2 months ago) by rajo
Changes since 2.20: +3 -2
lines
Diff to previous 2.20 (colored)
We must accept OUTPUT packets also on lo interface.
Revision 2.20 / (download) - [select for diffs], Fri Mar 4 23:53:14 2005 UTC (8 years, 2 months ago) by rajo
Changes since 2.19: +51 -4
lines
Diff to previous 2.19 (colored)
Parse also route info (gateway, etc.).
Revision 2.19 / (download) - [select for diffs], Tue Mar 1 23:17:11 2005 UTC (8 years, 2 months ago) by rajo
Changes since 2.18: +14 -1
lines
Diff to previous 2.18 (colored)
New feature: port forwarding to local machines
Revision 2.18 / (download) - [select for diffs], Tue Mar 1 21:47:20 2005 UTC (8 years, 2 months ago) by rajo
Changes since 2.17: +5 -1
lines
Diff to previous 2.17 (colored)
Deny NAT for some clients in your LAN.
Revision 2.17 / (download) - [select for diffs], Sun Jan 16 17:24:23 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.16: +2 -1
lines
Diff to previous 2.16 (colored)
Zero packet counts.
Revision 2.16 / (download) - [select for diffs], Sun Jan 16 15:27:15 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.15: +35 -1
lines
Diff to previous 2.15 (colored)
Added traceroute support
Revision 2.15 / (download) - [select for diffs], Sun Jan 16 12:13:32 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.14: +25 -14
lines
Diff to previous 2.14 (colored)
Fix: don't run any rule for interafaces listed in $IFACE_ACCEPT_ALL
Split interfaces into 2 groups:
- interfaces without restrictions (e.g. lo, tun+, tap+)
$IFACE_ACCEPT_ALL
- interfaces with restrictions (eth0, eth1, ...)
$INTERFACES
Revision 2.14 / (download) - [select for diffs], Sun Jan 16 11:06:46 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.13: +1 -14
lines
Diff to previous 2.13 (colored)
Cleanup.
Revision 2.13 / (download) - [select for diffs], Sun Jan 16 11:06:10 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.12: +2 -2
lines
Diff to previous 2.12 (colored)
Added simple DEBUG
Revision 2.12 / (download) - [select for diffs], Sun Jan 16 10:55:39 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.11: +15 -1
lines
Diff to previous 2.11 (colored)
Added $ALL_ACCEPT_INPUT_UDP - accept UDP packets on ports
Revision 2.11 / (download) - [select for diffs], Thu Jan 13 13:31:54 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.10: +15 -15
lines
Diff to previous 2.10 (colored)
* Log level set to 'notice'.
* * options '-j LOG --log-prefix' included into variable $LOG_LIMIT
Revision 2.10 / (download) - [select for diffs], Tue Jan 4 23:56:23 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.9: +3 -3
lines
Diff to previous 2.9 (colored)
Fixed dates.
Revision 2.9 / (download) - [select for diffs], Tue Jan 4 19:58:42 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.8: +2 -2
lines
Diff to previous 2.8 (colored)
Syntax fix.
Revision 2.8 / (download) - [select for diffs], Tue Jan 4 19:57:14 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.7: +4 -2
lines
Diff to previous 2.7 (colored)
Fix: accept all output packets on $IFACE_ACCEPT_ALL
Fix: masquerade all packets (not only from local subnet)
Revision 2.7 / (download) - [select for diffs], Sun Jan 2 13:31:46 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.6: +14 -7
lines
Diff to previous 2.6 (colored)
* Fix: fixed ICMP configuration.
* Allow ICMP packets in FORWARD chains.
Revision 2.6 / (download) - [select for diffs], Sun Jan 2 02:37:12 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.5: +7 -3
lines
Diff to previous 2.5 (colored)
Fix: remove all iptables chains also in other tables (nat, mangle, ...)
Revision 2.5 / (download) - [select for diffs], Sun Jan 2 01:49:01 2005 UTC (8 years, 4 months ago) by rajo
Changes since 2.4: +57 -4
lines
Diff to previous 2.4 (colored)
* NAT support.
* NAT: don't forward Miscrosoft protocols - NOT RFC compliant packets
* NAT: Configure port forwarding
* Log new connections: usefull for securing your NAT network.
Revision 2.4 / (download) - [select for diffs], Fri Dec 31 01:54:52 2004 UTC (8 years, 4 months ago) by rajo
Changes since 2.3: +4 -4
lines
Diff to previous 2.3 (colored)
Fix: substitute "iptables" with "$IPTABLES"
Revision 2.3 / (download) - [select for diffs], Thu Dec 30 23:16:20 2004 UTC (8 years, 4 months ago) by rajo
Changes since 2.2: +2 -2
lines
Diff to previous 2.2 (colored)
Sync.
Revision 2.2 / (download) - [select for diffs], Sun Dec 12 18:00:11 2004 UTC (8 years, 5 months ago) by rajo
Changes since 2.1: +113 -25
lines
Diff to previous 2.1 (colored)
* Fixed antispoof filter.
* Added masquerading support.
* Ability to configure package dropping.
Revision 2.1 / (download) - [select for diffs], Sat Dec 11 19:50:24 2004 UTC (8 years, 5 months ago) by rajo
Set default policy before removing chains
Revision 2.0 / (download) - [select for diffs], Sun Nov 14 15:23:09 2004 UTC (8 years, 6 months ago) by rajo
* Firewall configuration is now in config file.
* Default $INET_IFACE removed - replaced by per-interface configuration
options.
* Fixed bug with unloading modules.
* allow_icmp() function was not called - fixed.
Revision 1.1 / (download) - [select for diffs], Fri Oct 24 15:40:44 2003 UTC (9 years, 7 months ago) by rajo
Universal firewall script.
This form allows you to request diff's between any two
revisions of a file. You may select a symbolic revision
name using the selection box or you may type in a numeric
name using the type-in text box.
Platon Group <platon@platon.org> http://platon.org/
| 
Login
Registration
Slovak