minifirewall

Commit Graph

Author	SHA1	Message	Date
Jérémy Lecour	80307172af	Remove volatile.debian.org from HTTPSITES This domain doesn't exist anymore.	1 week ago
Jérémy Lecour	7126d70982	Update copyright and add version number	1 month ago
Gregory Colpart	5a907b1ce0	new policy for default ports: we close almost all to be sure that nothing works if we don't configure it nouvelle politique d'ouverture des ports par défaut : on ferme quasi tout pour que rien ne marche ou presque si on ne configure rien	4 months ago
Jérémy Lecour	ba193f22fa	Change public SSH port from 2222 to 22222	5 months ago
Ludovic Poujol	3bcaee5b58	Merge pull request 'Docker handling' (#5 ) from docker into master Reviewed-on: #5	6 months ago
Ludovic Poujol	7c384a777b	Better handling of Docker to match the usual minifirewall behaviour Revert some changes from `0ec2cb2f4b` like the SERVICESTCP4 SERVICESUDP4 Instead, we'll re-create the usual behaviour of public, privileged and trusted ports for docker when the variable DOCKER is set to "on"	6 months ago
Ludovic Poujol	0ec2cb2f4b	Make it compatible with docker Add a new variable "DOCKER" that should be set to "on" when this is a docker machine. It will - Disable the nat tables flush on stop/restart Reason : Not breaking outgoing networking for containers - Create the "DOCKER-USER" chain, and add a DROP By default everything is closed and we don't expose services to the outside world - Add rules in the "DOCKER-USER" chain to open services to the outside world. Untested with swarm	11 months ago
Ludovic Poujol	30041b8949	Fix IPV6 var not being defined on stop	11 months ago
Ludovic Poujol	60ca9f67b2	Update project URL in comment	11 months ago
Victor LABORIE	42e18e57fd	Add a Vagrantfile for testing	1 year ago
Victor LABORIE	326547fba3	Fix typo in install doc	1 year ago
Victor LABORIE	e80979e04d	Minifirewall is now under GPLv3 license	1 year ago
Victor LABORIE	6846263daa	Update README.md	1 year ago
Tristan Pilat	979b7e2d03	Add missing variables in SMTPSECUREOK and SMTPOK loops	2 years ago
Romain Dessort	9ebb5fe748	Add security-cdn.debian.org to HTTPSITES whitelist Debian migrated its security.debian.org repository to Fastly CDN (security-cdn.debian.org) so we have to whitelist it too to make security upgrades possible.	3 years ago
Jérémy Lecour	0450c12f5d	Merge branch 'ocsp-letsencrypt'	3 years ago
Jérémy Lecour	afdfc00a67	Add letsencrypt in HTTPSITES	3 years ago
Victor LABORIE	dba28b0679	Remove obsolete srv domain	4 years ago
Gregory Colpart	164d727e8e	Remove obsolete IP addr	5 years ago
Benoît S.	b6a47dea0d	Added quote to $IPV6 variables.	5 years ago
Tristan Pilat	02d6447a10	Fix bug with IPv6. When IPv6=off don't use ip6tables in stop and reset function.	5 years ago
Gregory Colpart	4864872586	Rename README -> README.md for Redmine / Github	5 years ago
Gregory Colpart	2943a7d58c	Improve output messages	5 years ago
Gregory Colpart	52f177303c	Fix bug in old config detection	5 years ago
Gregory Colpart	4ea10ccc83	Improve configuration file	5 years ago
Gregory Colpart	2f561a6172	Improve descriptions / comments (switch all in english, etc.)	5 years ago
Gregory Colpart	9579cfe991	Fix #1565 . Use now /etc/default/minifirewall for config file!	5 years ago
Gregory Colpart	6bc560b66a	Add default rule for IPv6 DNS responses	5 years ago
Benoît S.	283ff1161f	Added SpamAssassin update repo URLs.	6 years ago
Gregory Colpart	2d2fded0ac	use same syntax for all ip6tables rules	6 years ago
Gregory Colpart	ebbee1ac84	Modify URL to track country ip blocks	6 years ago
Benoît S.	ec0b8ffef5	Added to HTTPSITES zidane and antismap00.	6 years ago
Arnaud Tomeï	5525ff343f	Adding new IP address for Evolix	6 years ago
Gregory Colpart	d452c16bc6	Duplicate rule	6 years ago
Benoît S.	f3674af0db	Allow Input DNS on IPv6. Used when a slave respond to a master notification in bind for example.	6 years ago
Benoît S.	5275f8d7e2	Moves rules from firewall.rc to minifirewall core.	6 years ago
Romain Dessort	57ae4df6e7	Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall	6 years ago
Romain Dessort	0eda844bba	Add delegated CIDR for AFRINIC and LACNIC.	6 years ago
Benoît S.	705c4683a2	Allow all output on lo interface for IPv6.	6 years ago
Benoît S.	ce1d628516	Adding rules for DHCPv6.	7 years ago
Benoît S.	8ed3c722ce	Adding hwraid.le-vert.net in HTTPSITES	7 years ago
Benoît S.	6c162c516b	Fixing typo in HTTPSITES.	7 years ago
Gregory Colpart	6df7c86ccf	Add http://backports.debian.org by default	7 years ago
Gregory Colpart	7d3d928e02	Improve new UDP rules to DROP by default	8 years ago
Benoît S.	ec14ee9f3e	Last committer removed the IPv4 UDP rules?! Re-adding.	8 years ago
Gregory Colpart	f84add886a	Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall Conflicts: firewall.rc	8 years ago
Gregory Colpart	f714700623	Allow SMTP IPv6	8 years ago
Romain Dessort	7795b715e6	Add rules to open traceroute UDP port.	8 years ago
Benoît S.	b57dddf917	By default allow outgoing packets on loopback. This is needed since the new policy of dropping all outgoing UDP packets, especially when there is a local bind.	8 years ago
Benoît S.	44bb5925eb	Amelioration added for blocking output UDP.	8 years ago

1 2

85 Commits (master) All Branches Search

85 Commits (master)

All Branches