Ludovic Poujol
7f3f69329f
Don't throw ipv6 to iptables in the squid macro
2021-12-03 11:29:32 +01:00
Jérémy Lecour
3b4ffec174
Document helper functions that are accessible inincluded files
2021-09-14 12:47:32 +02:00
Jérémy Lecour
30838eb892
rename variables for readability
2021-09-14 12:47:17 +02:00
Jérémy Lecour
a600d03ab4
split configuration and includes
2021-09-14 12:37:04 +02:00
Jérémy Lecour
48983bfa2d
fix mistakes
...
* forgotten chains
* wrong variable names
* baf field separator for awk
2021-09-14 12:36:43 +02:00
Jérémy Lecour
cfa1c20332
Add IPv6 support on many macros
2021-09-14 11:05:59 +02:00
Ludovic Poujol
351158891e
Add sort, to source files in alphanumerical order as expected
2021-09-14 09:44:58 +02:00
Ludovic Poujol
79c1790564
WIP - IPv6 Handleing for output authorisation
2021-09-14 09:12:08 +02:00
Ludovic Poujol
c31288f318
Correct is_ipv6
2021-09-14 08:54:52 +02:00
Jérémy Lecour
5f0de36216
Combine all IPv6 rules
2021-09-06 14:33:33 +02:00
Jérémy Lecour
d811e5647d
Show version once for each action
2021-09-06 14:33:22 +02:00
Jérémy Lecour
08182dd606
Conditionals in IPv6 includes
2021-09-06 14:03:44 +02:00
Jérémy Lecour
ef18fccc96
Add version
2021-09-06 14:02:03 +02:00
Jérémy Lecour
ad024bac8f
valeur de IPV6 avec simples quotes
2021-06-04 14:08:04 +02:00
Jérémy Lecour
aa67894438
Ouverture totale de HTTPSITES par défaut
2021-06-04 14:07:21 +02:00
Jérémy Lecour
9ae2a03955
proxy: simplification de la boucle
2021-06-04 14:06:37 +02:00
Jérémy Lecour
f87bbe5442
add macro for proxy
2021-05-26 13:20:12 +02:00
Jérémy Lecour
0f93e8e75e
fixup! store includes in /etc/minifirewall.d
2021-05-26 13:13:26 +02:00
Jérémy Lecour
275a4c5bab
Add macro for backup servers
2021-05-26 13:12:56 +02:00
Jérémy Lecour
9be97b2436
store includes in /etc/minifirewall.d
2021-05-26 13:09:50 +02:00
Jérémy Lecour
800448ff97
update verison
2021-05-22 23:22:31 +02:00
Jérémy Lecour
dfc91a0689
syntax and readability
2021-05-22 23:14:40 +02:00
Jérémy Lecour
773d7086fc
source configuration with functions
2021-05-22 23:14:27 +02:00
Jérémy Lecour
c9eecabdf8
more expressive variable names
2021-05-22 23:13:00 +02:00
Jérémy Lecour
e071610a37
check for commands
2021-05-22 23:12:09 +02:00
Jérémy Lecour
9477d47938
Use function to tets ipv6 and docker
2021-05-22 22:46:02 +02:00
Jérémy Lecour
597042ebf7
more expressive variable names
2021-05-22 22:45:48 +02:00
Jérémy Lecour
c4f9e78677
all variables must be defined
2021-05-22 22:44:47 +02:00
Jérémy Lecour
372ad8f1d1
whitespaces
2021-05-22 09:46:22 +02:00
Jérémy Lecour
8eb0180b51
compact syntax for loops
2021-05-22 09:41:29 +02:00
Jérémy Lecour
a3ab1a4f2e
variables with better names
2021-05-22 09:35:51 +02:00
Jérémy Lecour
e02be5b852
Surround variable names with curly braces
2021-05-22 09:34:35 +02:00
Jérémy Lecour
9a9fc7fd44
squid command seems obsolete
2021-05-22 09:23:31 +02:00
Jérémy Lecour
72e3729a78
Extract main functions
2021-05-22 09:23:14 +02:00
Jérémy Lecour
c48534146a
Source files in /etc/default/minifirewall.d
2021-05-22 09:11:49 +02:00
Jérémy Dubois
9898ff9e62
Put our IPs back in the TRUSTEDIPS variable
...
The TRUSTEDIPS variable is the public reference for Evolix IPs
2021-02-05 15:28:07 +01:00
Jérémy Lecour
80307172af
Remove volatile.debian.org from HTTPSITES
...
This domain doesn't exist anymore.
2021-01-14 08:16:50 +01:00
Jérémy Lecour
7126d70982
Update copyright and add version number
2020-12-01 22:55:59 +01:00
Gregory Colpart
5a907b1ce0
new policy for default ports: we close almost all to be sure that nothing works if we don't configure it
...
nouvelle politique d'ouverture des ports par défaut : on ferme quasi tout pour que rien ne marche ou presque si on ne configure rien
2020-09-22 16:59:39 +02:00
Jérémy Lecour
ba193f22fa
Change public SSH port from 2222 to 22222
2020-08-28 18:26:59 +02:00
Ludovic Poujol
3bcaee5b58
Merge pull request 'Docker handling' ( #5 ) from docker into master
...
Reviewed-on: #5
2020-07-27 10:43:26 +02:00
Ludovic Poujol
7c384a777b
Better handling of Docker to match the usual minifirewall behaviour
...
Revert some changes from 0ec2cb2f4b
like the SERVICESTCP4 SERVICESUDP4
Instead, we'll re-create the usual behaviour of public, privileged and
trusted ports for docker when the variable DOCKER is set to "on"
2020-07-27 10:33:40 +02:00
Ludovic Poujol
0ec2cb2f4b
Make it compatible with docker
...
Add a new variable "DOCKER" that should be set to "on" when this is a
docker machine.
It will
- Disable the nat tables flush on stop/restart
Reason : Not breaking outgoing networking for containers
- Create the "DOCKER-USER" chain, and add a DROP
By default everything is closed and we don't expose services to the
outside world
- Add rules in the "DOCKER-USER" chain to open services to the outside
world.
Untested with swarm
2020-02-25 16:33:24 +01:00
Ludovic Poujol
30041b8949
Fix IPV6 var not being defined on stop
2020-02-21 16:26:41 +01:00
Ludovic Poujol
60ca9f67b2
Update project URL in comment
2020-02-17 10:54:01 +01:00
Victor LABORIE
42e18e57fd
Add a Vagrantfile for testing
2019-06-04 17:43:26 +02:00
Victor LABORIE
326547fba3
Fix typo in install doc
2019-06-04 17:40:26 +02:00
Victor LABORIE
e80979e04d
Minifirewall is now under GPLv3 license
2019-06-04 16:53:34 +02:00
Victor LABORIE
6846263daa
Update README.md
2019-06-04 16:48:27 +02:00
Tristan PILAT
979b7e2d03
Add missing variables in SMTPSECUREOK and SMTPOK loops
2018-08-28 15:39:58 +02:00