You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Jo-Philipp Wich
a9977eca91
firewall: allow local redirection of ports
...
Allow a redirect like:
config redirect
option src 'wan'
option dest 'lan'
option src_dport '22001'
option dest_port '22'
option proto 'tcp'
note the absence of the "dest_ip" field, meaning to terminate the connection on the firewall itself.
This patch makes three changes:
(1) moves the conntrack module into the conntrack package (but not any of the conntrack_* helpers).
(2) fixes a bug where the wrong table is used when the "dest_ip" field is absent.
(3) accepts incoming connections on the destination port on the input_ZONE table, but only for DNATted
connections.
In the above example,
ssh -p 22 root@myrouter
would fail from the outside, but:
ssh -p 22001 root@myrouter
would succeed. This is handy if:
(1) you want to avoid ssh probes on your router, or
(2) you want to redirect incoming connections on port 22 to some machine inside your firewall, but
still want to allow firewall access from outside.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
SVN-Revision: 26617
14 years ago
..
site
site: set ac_cv_sizeof_off_t=8 to fix autoconf applications using it for detecting largefile support ( #8376 , #5681 )
14 years ago
autotools.mk
autotools.mk: disable autoreconf recursion if more than one dir is given in PKG_AUTOMAKE_PATHS
14 years ago
cmake.mk
cmake.mk: don't assume toolchain binaries in .../bin/ if an external toolchain is used, rely on `which` instead
14 years ago
debug.mk
build: undefine debug helper templates used by subdir.mk if the DEBUG variable is empty, speeds up "make prereq" by 25% when lots of packages are installed
14 years ago
depends.mk
change the recursive dependency template to use more make evaluation - the shell command got so long that it triggered "Argument list too long" on some systems ( #8231 )
14 years ago
download.mk
add support for md5sum checks for mirrored tarballs of packages with version control source urls
14 years ago
host-build.mk
add a missing wrapper for the refresh target for host builds
14 years ago
host.mk
host.mk: introduce PATCH which refers to either gpatch or patch
14 years ago
image.mk
tools/squashfs4: update to version 4.2 (adds support for xz compression)
14 years ago
kernel-build.mk
build: clean up handling of the kernel config
14 years ago
kernel-defaults.mk
build: clean up handling of the kernel config
14 years ago
kernel-version.mk
kernel: add md5sum of kernel
14 years ago
kernel.mk
make ModuleAutoLoad more readable
14 years ago
netfilter.mk
firewall: allow local redirection of ports
14 years ago
nls.mk
prepare support for libiconv, libintl stub/full switching
14 years ago
package-bin.mk
only build bin packages for the selected build variants (same behaviour as with ipkg builds)
15 years ago
package-defaults.mk
add a new package metadata variable MDEPENDS for specifying local menuconfig dependencies that do not propagate to other packages
14 years ago
package-dumpinfo.mk
add a new package metadata variable MDEPENDS for specifying local menuconfig dependencies that do not propagate to other packages
14 years ago
package-ipkg.mk
build: move the SH_FUNC eval to the beginning of the opkg control file build command chain, not in front of every single command
14 years ago
package-version-override.mk
replace old quote stripping with calls to qstrip macro
15 years ago
package.mk
add support for md5sum checks for mirrored tarballs of packages with version control source urls
14 years ago
prereq-build.mk
add git (git-core) as a prerequisite ( #8866 )
14 years ago
prereq.mk
some minor fixes, cleanups, package build abstraction
17 years ago
quilt.mk
quilt.mk: export PATCH for patch-kernel.sh
14 years ago
scan.mk
build: log package dump failures to logs to avoid forcing user to write cryptic commands to figure out what's going on
14 years ago
shell.sh
clean up md5s() shell function
16 years ago
subdir.mk
make the build system a bit more silent without V=99
14 years ago
target.mk
build: clean up handling of the kernel config
14 years ago
toolchain-build.mk
optionally support parallel toolchain build. This defaults to off, because certain toolchain versions are known to break on parallel build. However, it significantly speeds up the build and latest versions of the tools do compile fine.
14 years ago
toplevel.mk
toplevel: add a warning about .config being out of sync after an update
14 years ago
unpack.mk
speed up the build system by including include/shell.sh on shell commands only where necessary
14 years ago
verbose.mk
Allow colored output to be disabled when running a non-verbose build by setting NO_COLOR=1
15 years ago