ipt-server

firewall/ipt-server

Fork 0

9fd36a8236 Add support for MNDP and mDNS traffic. master Christoph 2025-02-16 18:48:22 +0100
24d91d38c6 Add support for MNDP and mDNS traffic. Christoph 2025-02-16 18:40:50 +0100
71e01e8413 logging_ipv[46].conf: add missing parameter 'log_blocked_ip'. Christoph 2025-02-15 10:59:53 +0100
aab8585d90 Fix error creating 'smtpd_additional_listen_port_arr'. Christoph 2025-01-27 23:10:29 +0100
e6984a622c post_decalrations.conf: fix error creating array 'smtpd_additional_outgoung_port_arr'. Christoph 2025-01-27 22:58:30 +0100
409ace650e Merge branch 'master' of https://git.oopen.de/firewall/ipt-server Christoph 2025-01-27 22:18:55 +0100
877814caf0 Add support for aditional smtp ports - OUT AND IN. Christoph 2025-01-27 22:15:40 +0100
54ce58a52e replace 'default_ports.conf' with 'default_settings.conf'. Christoph 2025-01-27 14:49:47 +0100
40591462ce Merge branch 'master' of https://git.oopen.de/firewall/ipt-server Christoph 2024-12-27 17:27:57 +0100
3d65233059 ipt-firewall-server: fix error at munin role. Christoph 2024-12-27 17:27:28 +0100
dce357a3df /main_ipv4.conf.sample,main_ipv6.conf.sample: Change munin IP address. Christoph 2024-12-27 10:53:53 +0100
f0e15b992b Fix error for not firewalled interfaces. Christoph 2024-12-24 17:16:35 +0100
e7311a3963 Add Prometheus Service Christoph 2024-11-05 17:21:05 +0100
0eca4f3eaf main_ipv[46].conf.sample: add 'per_IP_connection_limit' parameter. Christoph 2024-09-26 15:21:17 +0200
830f48ff61 Add support for logging CGI script user. Christoph 2024-09-14 01:15:52 +0200
bbabeeab27 Add support for PGP/GPG Key server.. Christoph 2024-07-24 17:14:04 +0200
1062208237 ip6t-firewall-server,ipt-firewall-server: move 'Loopback device generally allowed' to an earlier point in the script. Christoph 2024-04-08 21:07:51 +0200
d857756be7 ip6t-firewall-server: add '(end of firewall)' to the last reject rule. Christoph 2024-04-06 03:20:27 +0200
b183770b91 forgot 'updating conf/include_functions.conf' file. Christoph 2024-04-04 19:22:08 +0200
e6566bafeb Some changes in per IP Connection Limit. Christoph 2024-04-04 18:57:36 +0200
2532b116b8 Support user settings for sourvce IP connection limit - ff. Christoph 2024-04-04 18:34:28 +0200
738809ba95 Support user settings for sourvce IP connection limit. Christoph 2024-04-04 15:17:31 +0200
7c00c7783c Add China/Hon Long networks ti nan list. Christoph 2024-01-17 11:10:41 +0100
ce0ee2d243 Add variables for lx guest system ip's. Christoph 2023-05-02 22:26:40 +0200
8e64cc36ac some minor changes.. Christoph 2023-05-02 21:45:43 +0200
536aea7d97 change defaut value for '+do_not_firewall_lx_guest_systems' to false. Christoph 2023-05-02 21:37:47 +0200
ff098ac058 Add rule to prevent LX containers from firewalld on host system. Christoph 2023-05-02 20:45:27 +0200
a2ba79185d main_ipv6.conf.sample: change default value of 'mm_service_ips' to an empty one. Christoph 2023-01-24 18:17:01 +0100
486789c6b5 Add support for MatterMost (MM) service. Christoph 2023-01-24 17:42:27 +0100
9f016b1776 Add support for routing networks through wireguard connections. ckubu 2022-08-12 01:16:53 +0200
0831f26891 Add support for WireGuard VPN Service. ckubu 2022-08-11 10:43:04 +0200
2d07d39a55 allow those ssh ports out, which are also allowed for incoming traffic. Christoph 2021-10-26 11:02:59 +0200
c78edd01be Drop traffic on extern interfaces iinto private networks. Christoph 2021-09-02 12:07:25 +0200
c65e0102ae ipt-firewall-server/ip6t-firewall-server: change order for 'Restrict Service/Net to..'. Christoph 2021-08-20 01:33:47 +0200
5ec7c9bcea Add support for dhclient. Christoph 2021-01-11 19:59:08 +0100
e68705c819 some minor changes on file 'main_ipv6.conf.sample'. Christoph 2020-11-04 16:25:14 +0100
e1047e9c47 Some more or less minor changes.. Christoph 2020-10-30 15:00:46 +0100
35d3ffeded Some minor changes.. Christoph 2020-10-30 13:56:34 +0100
c8b7e9b0f5 change rules and location of rules for 'Allow forwarding (private) IPs'. Christoph 2020-10-30 11:59:38 +0100
96b3e162fe Fix error droping ICMP packets. fix error dropping private networks. Christoph 2020-10-29 12:55:59 +0100
bcdee40228 Changing rules for protection against several ddos attacks. Christoph 2020-10-28 20:57:08 +0100
498b34741c Add support for Portforwarding TCP/UDP using socat. Christoph 2020-06-03 14:10:27 +0200
53de5746cf Support Streaming via YouTube. Christoph 2020-05-17 17:56:23 +0200
c695a63372 ip6t-firewall-server,ipt-firewall-server: add rtp port for jibri (jitsi client) service. Christoph 2020-05-17 04:20:13 +0200
fbe1089099 add support for Jibri Streamin/Recording. Christoph 2020-05-16 13:42:22 +0200
b24dcf0a3d load_modules_ipv6.conf: load module 'br_netfilter'. Christoph 2020-04-30 10:40:01 +0200
ac6845a8fd Merge branch 'master' of https://git.oopen.de/firewall/ipt-server Christoph 2020-04-27 21:43:42 +0200
2ebeae6479 Change default munin remote ip. Christoph 2020-04-27 21:43:14 +0200
cf999b48fc Merge branch 'master' of git.oopen.de:firewall/ipt-server Christoph 2020-04-27 16:23:18 +0200
3627c5169b main_ipv[46].con: minor changes at comments for DND/Resolver Service. Christoph 2020-04-27 16:23:02 +0200
966a9dac6b Adjust some ports at files 'main_ipv4.conf.sample' and 'main_ipv6.conf.sample'. Christoph 2020-04-26 16:04:19 +0200
3f3b4c3c76 Settings for default ports 'dovecot_service_external_auth_port' and 'default_jitsi_dovecout_auth_port'. Christoph 2020-04-26 15:53:41 +0200
df10be0d45 Add support fpr Jitsi Meet Authentication agains dovecot. Christoph 2020-04-26 10:16:32 +0200
dcbe4605bc Add outgoing ports needed by jitsi service (discover public address fronm stun services). Christoph 2020-04-23 15:12:29 +0200
400adea8e3 Ajust jitsi_tcp_ports. Christoph 2020-03-21 19:30:34 +0100
450a9d5dcf Adjust support for TURN Server (NC App Talk). Christoph 2020-03-21 18:43:45 +0100
9f2764c0ae Add support for NCs Talk app with own stun/turn server. Christoph 2020-03-21 12:57:11 +0100
6ea1f594b8 Jitsi Video Conference Service: fix UDP Ports. Christoph 2020-03-17 23:17:20 +0100
9d8983713c Adjust firewall scripts to support Jitsi Video Conferencing Service. Christoph 2020-03-17 22:59:01 +0100
93856c8fb3 Add Jitsi Video Conferencing Service. Christoph 2020-03-17 22:43:03 +0100
5ea1b0acbd DNS 'ANY' request uses TCP port. So allow DNS TCP requests for 'resolver_allowed_network_arr'. Christoph 2020-02-19 14:03:16 +0100
1fc3da67f8 ip6t-firewall-server: fix error at 'allow_local_service' - separator was wrong. Christoph 2019-09-22 23:39:44 +0200
e292be4141 Support local service from given extern network Christoph 2019-09-04 01:11:31 +0200
051e7da995 Add support for (local) dovecot auth service. Christoph 2019-09-03 17:54:46 +0200
f87f7bbda0 Support multiple networks for access to local resolver - forgot iptables scripts. Christoph 2019-09-03 03:52:54 +0200
328219c4b6 Support multiple networks for access to local resolver. Christoph 2019-09-03 03:49:24 +0200
1b35830610 Add support for XMPP (Jabber Prosody) Service ckubu 2019-09-02 01:05:22 +0200
eaf4fb9a40 Some minor chanes on comments. Christoph 2019-09-01 21:24:07 +0200
2665010eb3 support Resolver for specified (local) network. Part 2 Christoph 2019-09-01 20:59:38 +0200
8e85e893ad support Resolver for specified (local) network. Christoph 2019-09-01 20:57:16 +0200
142778c718 Support local NTP Server. ckubu 2019-09-01 17:29:54 +0200
70f62dc7fa main_ipv[4|6].conf.sample: minor changes on file comments. Christoph 2019-07-01 00:40:54 +0200
b02ba8b8f2 main_ipv[4|6].conf.sample: minor changes on file comments. Christoph 2019-07-01 00:29:59 +0200
0daa7a9d40 main_ipv[4|6].conf.sample: monor changes on file comments. Christoph 2019-07-01 00:26:01 +0200
57d09ba98d Add file 'conf/default_ports.conf'. Remove file 'conf/ports.conf'. Christoph 2019-06-30 15:29:07 +0200
b3347d273d Merge branch 'master' of git.oopen.de:firewall/ipt-server Christoph 2019-05-20 15:54:14 +0200
f4b74813d2 Fix error at section 'Special TCP Ports OUT'. Christoph 2019-05-20 15:53:56 +0200
55bd9d4335 Fix error forwarding private networks. Christoph 2019-05-19 18:30:18 +0200
dc91143e39 Fix error reading IPv4/IPv6 ban list. Christoph 2019-05-12 17:10:39 +0200
949a96cd34 Change default remote munin server ip. Christoph 2019-03-13 16:13:18 +0100
9444e0ae12 Allow GIT port (9418) out. Christoph 2019-03-13 16:04:59 +0100
2bae6a7953 Rename README.systemd.server -> README.install. Christoph 2019-03-09 16:02:42 +0100
c6de143b1e Reorganize ports for services, rename 'default_ports.conf' to 'ports.conf'. Christoph 2019-03-09 15:42:24 +0100
4967e6549d New: allow_all_outgoing_traffic (true/false) Christoph 2019-03-07 19:31:12 +0100
f4e92ec8b3 Adjusrt README.ulogd. Christoph 2019-03-07 18:37:10 +0100
7c8e98198e Fis some error, adjust docu. Christoph 2019-03-07 18:15:16 +0100
15accbe3a6 Complete the last commit. Christoph 2019-03-07 05:07:46 +0100
040f453e6d Redesign script. Christoph 2019-03-07 05:03:30 +0100
3c896d7052 Add support for encrypted connections 'FTP out only'. Christoph 2019-03-02 21:48:13 +0100
39529f7f54 ip6t-firewall-server: change name of created ftpdata list to ftp6date_ Christoph 2019-03-02 21:11:12 +0100
45b3274c03 Fix error for ftp server rules. Christoph 2019-03-02 04:50:40 +0100
bd4f24b244 Adjust comments for using '0/0' or '::/0' to match all IPv4/IPv6 networks. Christoph 2019-02-27 03:52:01 +0100
e7fd6ee87a Add rules for extern services, extern networks and local (non-standard) services. Christoph 2019-02-25 15:24:51 +0100
7219691f1e Some minor changes. Christoph 2019-02-25 01:24:14 +0100
19bfef7e71 Use CT target also for incomming ftp connections. Christoph 2019-02-25 01:13:58 +0100
7a024c025e Use CT helper for ftp rules 'FTP out only'. Christoph 2019-02-24 17:25:12 +0100
f4693f3426 README.systemd.server: add copy-commands for ipv4/ipv6 ban lists. Christoph 2019-02-05 14:13:01 +0100
97c6ae3bff Remove development code (echo-line). Christoph 2018-10-20 02:58:05 +0200
5505f52570 Ignore double entries in file 'ban_ipv4.list'. Changes in log output for banned ipv4 addresses. Christoph 2018-10-20 02:54:55 +0200
dabe845943 Changes in log output for banned ipv6 addresses. Christoph 2018-10-20 02:53:06 +0200

Commit Graph Select branches Hide Pull Requests master Mono Color

Commit Graph

Select branches

Hide Pull Requests

master