17 Commits (cd5366835269aaefac2218bbbdca74f46e1378af)

Author SHA1 Message Date
John Crispin 21bbdc24c3 adds a new uci firewall - iptbales and netfilter packages need to be rewrapped when we switch to this firewall as default - there are some examples in the file /etc/config/firewall - iptables-save/restore are still missing - hotplug takes care of adding/removing netdevs during runtime - misisng features ? wishes ? let me know ... 17 years ago
Felix Fietkau c89de79512 move /etc/config/firewall to /etc/firewall.config to prevent it from interfering with uci - yes, this beast really needs a rewrite :) 17 years ago
Felix Fietkau 0cf1a58282 Here comes the new UCI. Enjoy :) 17 years ago
Tim Yardley 85b17a4e9e update stripped subset of l7 patterns to 11-03-2007 patterns 17 years ago
Florian Fainelli 9d7192e5fa Add a boolean to allow NAT from LAN or not, default to nat LAN (#2535) 17 years ago
Florian Fainelli ada8e5dd95 Only masquerade LAN, other settings need manual tweaking 17 years ago
Florian Fainelli 304d5c8845 Only masquerade non routable addresses (#2535) 17 years ago
Felix Fietkau 2cc2d7707b make the firewall script run after the network script again (required for working with dynamically assigned interfaces), include the network state 18 years ago
Florian Fainelli 01b4fd853a Initialise firewall before network (#1988) 18 years ago
Felix Fietkau c05a061e4e fix a problem with the firewall script (multicast traffic could produce packet loss) 18 years ago
Felix Fietkau 8e88bb54ba port [6229] to kamikaze 18 years ago
Felix Fietkau 4323774d59 prepare for moving part of the firewall to hotplug. created new chains {input,forwarding,prerouting}_wan for wan port forwardings and updated the examples. syntax of /etc/config/firewall unchanged and old firewall.user files are still compatible 18 years ago
Felix Fietkau 223fdb0443 replace br0 with $LAN 18 years ago
Florian Fainelli a72fd20a82 export WAN variable so that firewall works (#907) 18 years ago
Felix Fietkau afd6539a65 add firewall protection for wan_device in addition to wan_ifname (fixes #852) 18 years ago
Felix Fietkau 8612d33691 init script cleanup, use /etc/rc.d/ for enabled scripts, /etc/init.d/<pkgname> (enable|disable) manages symlinks 18 years ago