e7a7f26951
Patch to have compatibility with poor non-IPv6 server
2011-11-11 15:47:37 +01:00
11ca1d1599
Improve rocks-solid comportment of the firewall script !
2011-10-21 03:16:40 +02:00
b72c47223a
IPv6 support
2011-10-21 02:06:50 +02:00
60bf2989c4
Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall
2011-08-29 14:45:47 +02:00
2495c3270f
Remove limit on ICMP pings...
2011-08-29 14:45:14 +02:00
94473ada72
Add a new default IP address
2011-08-28 19:32:13 +02:00
14a220a546
We authorize now all NTP traffic by default
2011-07-14 15:23:04 +02:00
1a17daeba4
Fix a bug with var name, and remove _ (uniformization)
2011-06-03 11:53:51 +02:00
053f3d9c4e
Modify default NTP address
2011-05-06 14:43:14 +02:00
a46b97845c
Allow all DNS requests by default
2011-04-19 15:51:15 +02:00
afde581d3b
Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall
2011-04-02 12:14:16 +02:00
47fd56a25a
Improve copyrigth and infos
2011-04-02 12:12:49 +02:00
27fe1213f5
Open HTTPS by default
2011-04-02 12:01:59 +02:00
57135c932d
Make minifirewall executable
...
Signed-off-by: Gregory Colpart <reg@evolix.fr>
2011-04-02 12:01:59 +02:00
44739ce82a
Added an example of cron script to daily reload iptables
...
Signed-off-by: Gregory Colpart <reg@evolix.fr>
2011-04-02 12:01:58 +02:00
821af4d12f
Added a SMTP_SECURE_OK rule (port 465)
...
Signed-off-by: Gregory Colpart <reg@evolix.fr>
2011-04-02 12:01:58 +02:00
fc4f8194ae
Fix warning d'une syntaxe iptable dépréciée
...
Signed-off-by: Gregory Colpart <reg@evolix.fr>
2011-04-02 12:01:58 +02:00
dc7c45c43f
LSBization de l'init script
...
Signed-off-by: Gregory Colpart <reg@evolix.fr>
2011-04-02 12:01:26 +02:00
089fa24606
fix syntaxe dépréciée dans le nouveau iptables
...
le message renvoyé était le suivant:
Using intrapositioned negation (`--option ! this`) is deprecated in
favor of extrapositioned (`! --option this`)
Signed-off-by: Gregory Colpart <reg@evolix.fr>
2011-04-02 12:00:28 +02:00
9feded0d21
La directive INTIP n'est pas (plus?) utilisée
...
Signed-off-by: Gregory Colpart <reg@evolix.fr>
2011-04-02 12:00:28 +02:00
4a2e9813b5
Ajout de l'URL mirror.evolix.org dans la liste des sites autorisés.
2011-04-02 12:00:28 +02:00
ac9400aa8c
check correct sourcing of configuration file, and exit if it fails
2011-04-02 12:00:28 +02:00
910c3f7063
Merge branch 'master' of ssh://git.evolix.org/git/evolinux/minifirewall
2010-09-13 13:49:31 +02:00
1cdb7af52c
Add a new IP in default configuration
2010-09-13 13:48:26 +02:00
530ed78833
Ajout de l'URL mirror.evolix.org dans la liste des sites autorisés.
2010-06-23 10:45:35 +02:00
abc84e2b0b
check correct sourcing of configuration file, and exit if it fails
2010-06-09 19:27:19 +02:00
1efde5a186
Add script to download RIPENCC and APNIC blocs
2010-03-02 20:20:12 +01:00
f07fe301ba
Bug !!! Conf file is source twice...
2010-03-02 20:16:02 +01:00
63108ad27d
Modifications avec spalma :
...
- Activation des regles en "-t nat"
- Flush des regles specifiques lors du stop avant leurs destructions
2010-02-19 16:56:32 +01:00
3c7c7d8490
On ne DROP pas le FORWARD par defaut (pas d'interet en general, et utile pour les dom0)
2009-08-29 18:59:58 +02:00
60b0b1c5d0
Improve default rules
2009-08-14 11:42:59 +02:00
7ff2fd64c4
Add script for blacklist countries with RIPE LIR informations
2009-08-13 01:01:59 +02:00
c3a66eb333
Add NEEDRESTRICT chain to deny some services by free rules
...
Somes improvements
2009-08-12 13:21:53 +02:00
b3fb2ce6b9
Import files from http://www.gcolpart.com/hacks/
2009-08-10 19:02:09 +02:00
Gregory Colpart
Colin Darie
Romain Dessort
Thomas Martin
Gregory Colpart