evolix
/
minifirewall
18
0
Fork 0
Code Issues 4 Pull Requests 3 Releases 1 Activity
60 Commits 9 Branches 1 Tag 270 KiB
Commit Graph

60 Commits

Author SHA1 Message Date
Gregory Colpart 2f561a6172 Improve descriptions / comments (switch all in english, etc.) 2015-09-13 18:37:53 +02:00
Gregory Colpart 9579cfe991 Fix #1565. Use now /etc/default/minifirewall for config file! 2015-09-13 17:15:40 +02:00
Gregory Colpart 6bc560b66a Add default rule for IPv6 DNS responses 2015-03-13 01:55:13 +01:00
Benoît S. 283ff1161f Added SpamAssassin update repo URLs. 2015-01-20 17:17:10 +01:00
Gregory Colpart 2d2fded0ac use same syntax for all ip6tables rules 2015-01-12 20:54:17 +01:00
Gregory Colpart ebbee1ac84 Modify URL to track country ip blocks 2015-01-12 20:45:27 +01:00
Benoît S. ec0b8ffef5 Added to HTTPSITES zidane and antismap00. 2015-01-02 14:07:17 +01:00
Arnaud Tomeï 5525ff343f Adding new IP address for Evolix 2014-12-24 16:23:05 +01:00
Gregory Colpart d452c16bc6 Duplicate rule 2014-09-11 23:33:33 +02:00
Benoît S. f3674af0db Allow Input DNS on IPv6. 
Used when a slave respond to a master notification in bind for example.
 2014-07-25 14:21:42 +02:00
Benoît S. 5275f8d7e2 Moves rules from firewall.rc to minifirewall core. 2014-05-22 17:38:00 +02:00
Romain Dessort 57ae4df6e7 Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall 2014-05-09 11:09:52 +02:00
Romain Dessort 0eda844bba Add delegated CIDR for AFRINIC and LACNIC. 2014-05-09 11:08:32 +02:00
Benoît S. 705c4683a2 Allow all output on lo interface for IPv6. 2014-03-12 16:22:15 +01:00
Benoît S. ce1d628516 Adding rules for DHCPv6. 2013-12-13 11:22:27 +01:00
Benoît S. 8ed3c722ce Adding hwraid.le-vert.net in HTTPSITES 2013-10-31 14:11:07 +01:00
Benoît S. 6c162c516b Fixing typo in HTTPSITES. 2013-06-07 14:43:54 +02:00
Gregory Colpart 6df7c86ccf Add http://backports.debian.org by default 2013-05-06 16:07:53 +02:00
Gregory Colpart 7d3d928e02 Improve new UDP rules to DROP by default 2012-11-14 00:55:35 +01:00
Benoît S. ec14ee9f3e Last committer removed the IPv4 UDP rules?! Re-adding. 2012-11-09 10:05:34 +01:00
Gregory Colpart f84add886a Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall 
Conflicts:
	firewall.rc
 2012-10-29 12:28:55 +01:00
Gregory Colpart f714700623 Allow SMTP IPv6 2012-10-29 12:25:41 +01:00
Romain Dessort 7795b715e6 Add rules to open traceroute UDP port. 2012-10-24 10:32:05 +02:00
Benoît S. b57dddf917 By default allow outgoing packets on loopback. This is needed since the new 
policy of dropping all outgoing UDP packets, especially when there is a local
bind.
 2012-10-08 16:19:22 +02:00
Benoît S. 44bb5925eb Amelioration added for blocking output UDP. 2012-10-03 14:21:04 +02:00
Benoît S. b5412ce98a Adding rules to block outgoing UDP trafic except for DNS and NTP. 2012-08-22 16:21:28 +02:00
Gregory Colpart e7a7f26951 Patch to have compatibility with poor non-IPv6 server 2011-11-11 15:47:37 +01:00
Gregory Colpart 11ca1d1599 Improve rocks-solid comportment of the firewall script ! 2011-10-21 03:16:40 +02:00
Gregory Colpart b72c47223a IPv6 support 2011-10-21 02:06:50 +02:00
Gregory Colpart 60bf2989c4 Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall 2011-08-29 14:45:47 +02:00
Gregory Colpart 2495c3270f Remove limit on ICMP pings... 2011-08-29 14:45:14 +02:00
Gregory Colpart 94473ada72 Add a new default IP address 2011-08-28 19:32:13 +02:00
Gregory Colpart 14a220a546 We authorize now all NTP traffic by default 2011-07-14 15:23:04 +02:00
Gregory Colpart 1a17daeba4 Fix a bug with var name, and remove _ (uniformization) 2011-06-03 11:53:51 +02:00
Gregory Colpart 053f3d9c4e Modify default NTP address 2011-05-06 14:43:14 +02:00
Gregory Colpart a46b97845c Allow all DNS requests by default 2011-04-19 15:51:15 +02:00
Gregory Colpart afde581d3b Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall 2011-04-02 12:14:16 +02:00
Gregory Colpart 47fd56a25a Improve copyrigth and infos 2011-04-02 12:12:49 +02:00
Gregory Colpart 27fe1213f5 Open HTTPS by default 2011-04-02 12:01:59 +02:00
Colin Darie 57135c932d Make minifirewall executable 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:01:59 +02:00
Colin Darie 44739ce82a Added an example of cron script to daily reload iptables 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:01:58 +02:00
Colin Darie 821af4d12f Added a SMTP_SECURE_OK rule (port 465) 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:01:58 +02:00
Colin Darie fc4f8194ae Fix warning d'une syntaxe iptable dépréciée 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:01:58 +02:00
Colin Darie dc7c45c43f LSBization de l'init script 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:01:26 +02:00
Colin Darie 089fa24606 fix syntaxe dépréciée dans le nouveau iptables 
le message renvoyé était le suivant:
Using intrapositioned negation (`--option ! this`) is deprecated in
favor of extrapositioned (`! --option this`)

Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:00:28 +02:00
Colin Darie 9feded0d21 La directive INTIP n'est pas (plus?) utilisée 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:00:28 +02:00
Romain Dessort 4a2e9813b5 Ajout de l'URL mirror.evolix.org dans la liste des sites autorisés. 2011-04-02 12:00:28 +02:00
Thomas Martin ac9400aa8c check correct sourcing of configuration file, and exit if it fails 2011-04-02 12:00:28 +02:00
Gregory Colpart 910c3f7063 Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall 2010-09-13 13:49:31 +02:00
Gregory Colpart 1cdb7af52c Add a new IP in default configuration 2010-09-13 13:48:26 +02:00