summaryrefslogtreecommitdiff
path: root/zones.c
Commit message (Expand)AuthorAgeFilesLines
* zone: avoid duplicates in devices listTony Ambardar2021-03-231-1/+8
* zones: apply tcp mss clamping also on ingress pathYousong Zhou2020-07-251-0/+8
* treewide: replace unsafe string functionsJo-Philipp Wich2020-06-031-25/+54
* improve reload logicJo-Philipp Wich2020-06-021-9/+16
* zones: fix emitting match rules for zones with only "extra" optionsJo-Philipp Wich2019-11-221-1/+1
* zones: add zone identifying local traffic in raw OUTPUT chainHans Dedecker2019-01-021-5/+9
* zones: add interface/subnet bound LOG rulesJo-Philipp Wich2018-05-191-37/+32
* Reword rule commentsJo-Philipp Wich2018-03-131-4/+4
* zones: allow per-table log controlStijn Tintel2018-02-261-3/+8
* helpers: implement explicit CT helper assignment supportJo-Philipp Wich2018-02-201-2/+67
* zones: disable masq when resolving of all masq_src or masq_dest items failedJo-Philipp Wich2018-02-131-1/+33
* firewall3: check the return value of fw3_parse_options()Pierre Lebleu2017-05-091-1/+2
* zones: drop outgoing invalid traffic in masqueraded zonesJo-Philipp Wich2017-04-271-0/+12
* zones: do not check conntrack state in zone_*_dest_ACCEPT chainsJo-Philipp Wich2017-01-131-5/+0
* global: remove automatic notrack rulesJo-Philipp Wich2016-11-291-15/+0
* zones: properly handle multiple masq_src / masq_dest negations (FS#248)Jo-Philipp Wich2016-11-011-7/+59
* utils.h: Avoid name clashes for setbit/delbit/hasbitFlorian Fainelli2016-09-181-13/+13
* zones: allow untracked traffic as wellJo-Philipp Wich2016-08-081-2/+4
* zones: restrict default ACCEPT rules to NEW ctstateJo-Philipp Wich2016-08-081-0/+8
* treewide: replace jow@openwrt.org with jo@mein.ioJo-Philipp Wich2016-06-071-1/+1
* Use xt_id match to track own rulesJo-Philipp Wich2016-01-241-10/+10
* redirects: respect src_dip option for reflection rulesJo-Philipp Wich2015-01-081-10/+23
* Selectively flush conntrackJo-Philipp Wich2014-08-111-0/+4
* zones: make forward policy destination boundJo-Philipp Wich2014-07-211-3/+3
* make fw3_ubus_address take a list_head * argument instead of allocating & ret...Felix Fietkau2014-06-301-15/+2
* use calloc instead of malloc+memsetFelix Fietkau2014-06-301-7/+2
* Clean up dead codeJo-Philipp Wich2013-11-181-0/+2
* Use a global -m conntrack --ctstate DNAT rule to accept all port forwards of ...Jo-Philipp Wich2013-11-071-0/+13
* Improve ubus supportSteven Barth2013-10-231-0/+2
* Use fw3_ipt_rule_replace() when setting up zone interface rulesJo-Philipp Wich2013-10-101-10/+10
* Reorganize chain layout for raw/NOTRACK rules to fix support for custom rules...Jo-Philipp Wich2013-08-141-5/+15
* Keep all basic chains on reload and only flush them, this allows user rules t...Jo-Philipp Wich2013-06-061-1/+7
* Fix wrong chain emitted for zone forward policy, the terminal chain is source...Jo-Philipp Wich2013-06-041-3/+3
* Replace fw3_free_zone() with the generic implementationJo-Philipp Wich2013-05-261-20/+0
* Add fw3_resolve_zone_addresses() helper to obtain a list of all subnets cover...Jo-Philipp Wich2013-05-261-0/+45
* Limit zone names to 14 bytesJo-Philipp Wich2013-05-221-0/+8
* Further fixes for zone reloadsJo-Philipp Wich2013-05-221-1/+4
* Rename struct fw3_rule_spec to struct fw3_chain_spec and move the declaration...Jo-Philipp Wich2013-05-171-3/+3
* Drop iptables-restore and create rules through libiptc and libxtablesJo-Philipp Wich2013-05-171-155/+213
* Use libiptc to clear current rulesetJo-Philipp Wich2013-05-131-12/+22
* Record device-network relation in state file, fix zone hotplug eventsJo-Philipp Wich2013-05-021-20/+7
* Remove referenced to unused FW3_FLAG_DELETED flagJo-Philipp Wich2013-04-301-4/+2
* Remove unused "running" argument form fw3_lookup_zone()Jo-Philipp Wich2013-04-301-1/+1
* Split runtime and config states, store runtime state in UCI formatJo-Philipp Wich2013-04-301-14/+10
* Properly handle deleted zones and ipsets on restartsJo-Philipp Wich2013-03-191-2/+4
* Accept network names in per-zone subnet optionJo-Philipp Wich2013-03-191-2/+2
* Implement support for "network" datatype and use it for masq_src / masq_destJo-Philipp Wich2013-03-191-4/+8
* Do not accept option src_mac for SNAT rulesJo-Philipp Wich2013-03-181-1/+1
* Consolidate and unify argument order for functionsJo-Philipp Wich2013-03-141-22/+22
* Emit hotplug calls when flushing / creating zone chainsJo-Philipp Wich2013-03-131-0/+54
View Lorry Controller Status