evolix/minifirewall
21
0
Fork 0
Code Issues 4 Pull requests 3 Releases 1 Activity
41 commits 9 branches 1 tag 249 KiB
Commit graph

19 commits

Author SHA1 Message Date
Benoît S. b57dddf917 By default allow outgoing packets on loopback. This is needed since the new 
policy of dropping all outgoing UDP packets, especially when there is a local
bind.
 2012-10-08 16:19:22 +02:00
Benoît S. 44bb5925eb Amelioration added for blocking output UDP. 2012-10-03 14:21:04 +02:00
Gregory Colpart e7a7f26951 Patch to have compatibility with poor non-IPv6 server 2011-11-11 15:47:37 +01:00
Gregory Colpart 11ca1d1599 Improve rocks-solid comportment of the firewall script ! 2011-10-21 03:16:40 +02:00
Gregory Colpart b72c47223a IPv6 support 2011-10-21 02:06:50 +02:00
Gregory Colpart 2495c3270f Remove limit on ICMP pings... 2011-08-29 14:45:14 +02:00
Gregory Colpart 1a17daeba4 Fix a bug with var name, and remove _ (uniformization) 2011-06-03 11:53:51 +02:00
Gregory Colpart 47fd56a25a Improve copyrigth and infos 2011-04-02 12:12:49 +02:00
Colin Darie 57135c932d Make minifirewall executable 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:01:59 +02:00
Colin Darie 821af4d12f Added a SMTP_SECURE_OK rule (port 465) 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:01:58 +02:00
Colin Darie fc4f8194ae Fix warning d'une syntaxe iptable dépréciée 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:01:58 +02:00
Colin Darie dc7c45c43f LSBization de l'init script 
Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:01:26 +02:00
Colin Darie 089fa24606 fix syntaxe dépréciée dans le nouveau iptables 
le message renvoyé était le suivant:
Using intrapositioned negation (`--option ! this`) is deprecated in
favor of extrapositioned (`! --option this`)

Signed-off-by: Gregory Colpart <reg@evolix.fr>
 2011-04-02 12:00:28 +02:00
Thomas Martin ac9400aa8c check correct sourcing of configuration file, and exit if it fails 2011-04-02 12:00:28 +02:00
Gregory Colpart f07fe301ba Bug !!! Conf file is source twice... 2010-03-02 20:16:02 +01:00
Gregory Colpart 63108ad27d Modifications avec spalma : 
- Activation des regles en "-t nat"
- Flush des regles specifiques lors du stop avant leurs destructions
 2010-02-19 16:56:32 +01:00
Gregory Colpart 3c7c7d8490 On ne DROP pas le FORWARD par defaut (pas d'interet en general, et utile pour les dom0) 2009-08-29 18:59:58 +02:00
Gregory Colpart c3a66eb333 Add NEEDRESTRICT chain to deny some services by free rules 
Somes improvements
 2009-08-12 13:21:53 +02:00
Gregory Colpart b3fb2ce6b9 Import files from http://www.gcolpart.com/hacks/ 2009-08-10 19:02:09 +02:00