ipt-server

firewall/ipt-server

Fork 0

63889b0dc9 LDAP(S): forgot to configure ldap/ldaps standard ports. master Christoph 2025-08-10 01:56:31 +02:00
abef59c769 Allow LDAP/LDAPS out only. Christoph 2025-08-10 01:50:23 +02:00
9fd36a8236 Add support for MNDP and mDNS traffic. Christoph 2025-02-16 18:48:22 +01:00
24d91d38c6 Add support for MNDP and mDNS traffic. Christoph 2025-02-16 18:40:50 +01:00
71e01e8413 logging_ipv[46].conf: add missing parameter 'log_blocked_ip'. Christoph 2025-02-15 10:59:53 +01:00
aab8585d90 Fix error creating 'smtpd_additional_listen_port_arr'. Christoph 2025-01-27 23:10:29 +01:00
e6984a622c post_decalrations.conf: fix error creating array 'smtpd_additional_outgoung_port_arr'. Christoph 2025-01-27 22:58:30 +01:00
409ace650e Merge branch 'master' of https://git.oopen.de/firewall/ipt-server Christoph 2025-01-27 22:18:55 +01:00
877814caf0 Add support for aditional smtp ports - OUT AND IN. Christoph 2025-01-27 22:15:40 +01:00
54ce58a52e replace 'default_ports.conf' with 'default_settings.conf'. Christoph 2025-01-27 14:49:47 +01:00
40591462ce Merge branch 'master' of https://git.oopen.de/firewall/ipt-server Christoph 2024-12-27 17:27:57 +01:00
3d65233059 ipt-firewall-server: fix error at munin role. Christoph 2024-12-27 17:27:28 +01:00
dce357a3df /main_ipv4.conf.sample,main_ipv6.conf.sample: Change munin IP address. Christoph 2024-12-27 10:53:53 +01:00
f0e15b992b Fix error for not firewalled interfaces. Christoph 2024-12-24 17:16:35 +01:00
e7311a3963 Add Prometheus Service Christoph 2024-11-05 17:21:05 +01:00
0eca4f3eaf main_ipv[46].conf.sample: add 'per_IP_connection_limit' parameter. Christoph 2024-09-26 15:21:17 +02:00
830f48ff61 Add support for logging CGI script user. Christoph 2024-09-14 01:15:52 +02:00
bbabeeab27 Add support for PGP/GPG Key server.. Christoph 2024-07-24 17:14:04 +02:00
1062208237 ip6t-firewall-server,ipt-firewall-server: move 'Loopback device generally allowed' to an earlier point in the script. Christoph 2024-04-08 21:07:51 +02:00
d857756be7 ip6t-firewall-server: add '(end of firewall)' to the last reject rule. Christoph 2024-04-06 03:20:27 +02:00
b183770b91 forgot 'updating conf/include_functions.conf' file. Christoph 2024-04-04 19:22:08 +02:00
e6566bafeb Some changes in per IP Connection Limit. Christoph 2024-04-04 18:57:36 +02:00
2532b116b8 Support user settings for sourvce IP connection limit - ff. Christoph 2024-04-04 18:34:28 +02:00
738809ba95 Support user settings for sourvce IP connection limit. Christoph 2024-04-04 15:17:31 +02:00
7c00c7783c Add China/Hon Long networks ti nan list. Christoph 2024-01-17 11:10:41 +01:00
ce0ee2d243 Add variables for lx guest system ip's. Christoph 2023-05-02 22:26:40 +02:00
8e64cc36ac some minor changes.. Christoph 2023-05-02 21:45:43 +02:00
536aea7d97 change defaut value for '+do_not_firewall_lx_guest_systems' to false. Christoph 2023-05-02 21:37:47 +02:00
ff098ac058 Add rule to prevent LX containers from firewalld on host system. Christoph 2023-05-02 20:45:27 +02:00
a2ba79185d main_ipv6.conf.sample: change default value of 'mm_service_ips' to an empty one. Christoph 2023-01-24 18:17:01 +01:00
486789c6b5 Add support for MatterMost (MM) service. Christoph 2023-01-24 17:42:27 +01:00
9f016b1776 Add support for routing networks through wireguard connections. ckubu 2022-08-12 01:16:53 +02:00
0831f26891 Add support for WireGuard VPN Service. ckubu 2022-08-11 10:43:04 +02:00
2d07d39a55 allow those ssh ports out, which are also allowed for incoming traffic. Christoph 2021-10-26 11:02:59 +02:00
c78edd01be Drop traffic on extern interfaces iinto private networks. Christoph 2021-09-02 12:07:25 +02:00
c65e0102ae ipt-firewall-server/ip6t-firewall-server: change order for 'Restrict Service/Net to..'. Christoph 2021-08-20 01:33:47 +02:00
5ec7c9bcea Add support for dhclient. Christoph 2021-01-11 19:59:08 +01:00
e68705c819 some minor changes on file 'main_ipv6.conf.sample'. Christoph 2020-11-04 16:25:14 +01:00
e1047e9c47 Some more or less minor changes.. Christoph 2020-10-30 15:00:46 +01:00
35d3ffeded Some minor changes.. Christoph 2020-10-30 13:56:34 +01:00
c8b7e9b0f5 change rules and location of rules for 'Allow forwarding (private) IPs'. Christoph 2020-10-30 11:59:38 +01:00
96b3e162fe Fix error droping ICMP packets. fix error dropping private networks. Christoph 2020-10-29 12:55:59 +01:00
bcdee40228 Changing rules for protection against several ddos attacks. Christoph 2020-10-28 20:57:08 +01:00
498b34741c Add support for Portforwarding TCP/UDP using socat. Christoph 2020-06-03 14:10:27 +02:00
53de5746cf Support Streaming via YouTube. Christoph 2020-05-17 17:56:23 +02:00
c695a63372 ip6t-firewall-server,ipt-firewall-server: add rtp port for jibri (jitsi client) service. Christoph 2020-05-17 04:20:13 +02:00
fbe1089099 add support for Jibri Streamin/Recording. Christoph 2020-05-16 13:42:22 +02:00
b24dcf0a3d load_modules_ipv6.conf: load module 'br_netfilter'. Christoph 2020-04-30 10:40:01 +02:00
ac6845a8fd Merge branch 'master' of https://git.oopen.de/firewall/ipt-server Christoph 2020-04-27 21:43:42 +02:00
2ebeae6479 Change default munin remote ip. Christoph 2020-04-27 21:43:14 +02:00
cf999b48fc Merge branch 'master' of git.oopen.de:firewall/ipt-server Christoph 2020-04-27 16:23:18 +02:00
3627c5169b main_ipv[46].con: minor changes at comments for DND/Resolver Service. Christoph 2020-04-27 16:23:02 +02:00
966a9dac6b Adjust some ports at files 'main_ipv4.conf.sample' and 'main_ipv6.conf.sample'. Christoph 2020-04-26 16:04:19 +02:00
3f3b4c3c76 Settings for default ports 'dovecot_service_external_auth_port' and 'default_jitsi_dovecout_auth_port'. Christoph 2020-04-26 15:53:41 +02:00
df10be0d45 Add support fpr Jitsi Meet Authentication agains dovecot. Christoph 2020-04-26 10:16:32 +02:00
dcbe4605bc Add outgoing ports needed by jitsi service (discover public address fronm stun services). Christoph 2020-04-23 15:12:29 +02:00
400adea8e3 Ajust jitsi_tcp_ports. Christoph 2020-03-21 19:30:34 +01:00
450a9d5dcf Adjust support for TURN Server (NC App Talk). Christoph 2020-03-21 18:43:45 +01:00
9f2764c0ae Add support for NCs Talk app with own stun/turn server. Christoph 2020-03-21 12:57:11 +01:00
6ea1f594b8 Jitsi Video Conference Service: fix UDP Ports. Christoph 2020-03-17 23:17:20 +01:00
9d8983713c Adjust firewall scripts to support Jitsi Video Conferencing Service. Christoph 2020-03-17 22:59:01 +01:00
93856c8fb3 Add Jitsi Video Conferencing Service. Christoph 2020-03-17 22:43:03 +01:00
5ea1b0acbd DNS 'ANY' request uses TCP port. So allow DNS TCP requests for 'resolver_allowed_network_arr'. Christoph 2020-02-19 14:03:16 +01:00
1fc3da67f8 ip6t-firewall-server: fix error at 'allow_local_service' - separator was wrong. Christoph 2019-09-22 23:39:44 +02:00
e292be4141 Support local service from given extern network Christoph 2019-09-04 01:11:31 +02:00
051e7da995 Add support for (local) dovecot auth service. Christoph 2019-09-03 17:54:46 +02:00
f87f7bbda0 Support multiple networks for access to local resolver - forgot iptables scripts. Christoph 2019-09-03 03:52:54 +02:00
328219c4b6 Support multiple networks for access to local resolver. Christoph 2019-09-03 03:49:24 +02:00
1b35830610 Add support for XMPP (Jabber Prosody) Service ckubu 2019-09-02 01:05:22 +02:00
eaf4fb9a40 Some minor chanes on comments. Christoph 2019-09-01 21:24:07 +02:00
2665010eb3 support Resolver for specified (local) network. Part 2 Christoph 2019-09-01 20:59:38 +02:00
8e85e893ad support Resolver for specified (local) network. Christoph 2019-09-01 20:57:16 +02:00
142778c718 Support local NTP Server. ckubu 2019-09-01 17:29:54 +02:00
70f62dc7fa main_ipv[4|6].conf.sample: minor changes on file comments. Christoph 2019-07-01 00:40:54 +02:00
b02ba8b8f2 main_ipv[4|6].conf.sample: minor changes on file comments. Christoph 2019-07-01 00:29:59 +02:00
0daa7a9d40 main_ipv[4|6].conf.sample: monor changes on file comments. Christoph 2019-07-01 00:26:01 +02:00
57d09ba98d Add file 'conf/default_ports.conf'. Remove file 'conf/ports.conf'. Christoph 2019-06-30 15:29:07 +02:00
b3347d273d Merge branch 'master' of git.oopen.de:firewall/ipt-server Christoph 2019-05-20 15:54:14 +02:00
f4b74813d2 Fix error at section 'Special TCP Ports OUT'. Christoph 2019-05-20 15:53:56 +02:00
55bd9d4335 Fix error forwarding private networks. Christoph 2019-05-19 18:30:18 +02:00
dc91143e39 Fix error reading IPv4/IPv6 ban list. Christoph 2019-05-12 17:10:39 +02:00
949a96cd34 Change default remote munin server ip. Christoph 2019-03-13 16:13:18 +01:00
9444e0ae12 Allow GIT port (9418) out. Christoph 2019-03-13 16:04:59 +01:00
2bae6a7953 Rename README.systemd.server -> README.install. Christoph 2019-03-09 16:02:42 +01:00
c6de143b1e Reorganize ports for services, rename 'default_ports.conf' to 'ports.conf'. Christoph 2019-03-09 15:42:24 +01:00
4967e6549d New: allow_all_outgoing_traffic (true/false) Christoph 2019-03-07 19:31:12 +01:00
f4e92ec8b3 Adjusrt README.ulogd. Christoph 2019-03-07 18:37:10 +01:00
7c8e98198e Fis some error, adjust docu. Christoph 2019-03-07 18:15:16 +01:00
15accbe3a6 Complete the last commit. Christoph 2019-03-07 05:07:46 +01:00
040f453e6d Redesign script. Christoph 2019-03-07 05:03:30 +01:00
3c896d7052 Add support for encrypted connections 'FTP out only'. Christoph 2019-03-02 21:48:13 +01:00
39529f7f54 ip6t-firewall-server: change name of created ftpdata list to ftp6date_ Christoph 2019-03-02 21:11:12 +01:00
45b3274c03 Fix error for ftp server rules. Christoph 2019-03-02 04:50:40 +01:00
bd4f24b244 Adjust comments for using '0/0' or '::/0' to match all IPv4/IPv6 networks. Christoph 2019-02-27 03:52:01 +01:00
e7fd6ee87a Add rules for extern services, extern networks and local (non-standard) services. Christoph 2019-02-25 15:24:51 +01:00
7219691f1e Some minor changes. Christoph 2019-02-25 01:24:14 +01:00
19bfef7e71 Use CT target also for incomming ftp connections. Christoph 2019-02-25 01:13:58 +01:00
7a024c025e Use CT helper for ftp rules 'FTP out only'. Christoph 2019-02-24 17:25:12 +01:00
f4693f3426 README.systemd.server: add copy-commands for ipv4/ipv6 ban lists. Christoph 2019-02-05 14:13:01 +01:00
97c6ae3bff Remove development code (echo-line). Christoph 2018-10-20 02:58:05 +02:00

Commit Graph Select branches Hide Pull Requests master Mono Color

Commit Graph

Select branches

Hide Pull Requests

master