| 2013-02-10 |
Mark Wooding | New host `mango'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-02-09 |
Mark Wooding | classify.m4: Hook the INPUT and FORWARD chains, not... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-02-09 |
Mark Wooding | ibanez.m4: Open an explicit hole for `udpkey'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-02-09 |
Mark Wooding | local.m4: Yet more explicit networks for asymmetric... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-01-26 |
Mark Wooding | local.m4: New satellite network `binswood'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-01-26 |
Mark Wooding | local.m4: Make the net-class policies easier to read. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-01-26 |
Mark Wooding | local.m4: Nothing should forward via `iodine'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-01-26 |
Mark Wooding | functions.m4, local.m4: Rename `forwards' to `via'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-01-13 |
Mark Wooding | New host `orange'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-01-13 |
Mark Wooding | ibanez.m4, vampire.m4: Provide NTP service to untrusted... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2013-01-08 |
Mark Wooding | bookends.m4: Better check for bridging. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-29 |
Mark Wooding | stratocaster.m4: Provide rsync service. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-28 |
Mark Wooding | {roadstar,jem,telecaster,stratocaster}.m4: Move Git... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-28 |
Mark Wooding | artist.m4: Moved the `rawk' server to artist. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-15 |
Mark Wooding | jazz.m4, local.m4: Make jazz be a TrIPE endpoint. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-14 |
Mark Wooding | numbers.m4: Add port number for IRC. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-13 |
Mark Wooding | Makefile: If the user overrides HOSTS, don't install... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-13 |
Mark Wooding | local.m4: Add a prose commentary on address allocation. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-11 |
Mark Wooding | functions.m4: Correctly clear `to' network field in... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-11 |
Mark Wooding | classify.m4: Dispatch on destination addresses to corre... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-11 |
Mark Wooding | classify.m4: Classify individual host routes correctly. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-11 |
Mark Wooding | classify.m4: Clean up interface map tracing. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-11 |
Mark Wooding | functions.m4: Fix up commentary for `matchnets'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-11 |
Mark Wooding | local.m4, jazz.m4: Move iodine endpoint to jazz. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-12-11 |
Mark Wooding | numbers.m4, vampire.m4: Expose print server to local... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-10-14 |
Mark Wooding | radius.m4: Allow external servers to contact the identd. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-10-14 |
Mark Wooding | local.m4, radius.m4: radius is now the host gateway... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-09-12 |
Mark Wooding | local.m4: artist should expect untrusted source addrs... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-09-12 |
Mark Wooding | local.m4: Track VLAN renumbering in vampire's interface... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-06-08 |
Mark Wooding | Rate limiting for incoming DNS queries over UDP. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-06-08 |
Mark Wooding | radius.m4: Handy ipset hook for ad-hoc safe/unstrusted... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-06-08 |
Mark Wooding | local.m4: Refactor common SSH permission between safe... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-05-03 |
Mark Wooding | local.m4: Packets can be routed over the safe network. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-25 |
Mark Wooding | local.m4: Add the colocated servers to the VPN. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-23 |
Mark Wooding | local.m4: Untrusted source addresses appear on the... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-23 |
Mark Wooding | bookends.m4: Allow redirects to (non-routing) hosts. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-20 |
Mark Wooding | Configuration for new colocated virtual servers. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-20 |
Mark Wooding | local.m4: More interfaces for artist. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-20 |
Mark Wooding | local.m4: Default addresses reach the IPv6 tunnel inter... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-20 |
Mark Wooding | jem.m4, artist.m4: Allow answers to DNS queries. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-20 |
Mark Wooding | radius.m4: Load NAT helpers (from d119795). |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-20 |
Mark Wooding | bookends.m4: Configure IPv6 router advertisement stuff. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-20 |
Mark Wooding | functions.m4, local.m4: Introduce more kinds of hosts. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-04-20 |
Mark Wooding | functions.m4: Actually set the IPv6 options. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-30 |
Mark Wooding | fender.m4: Define an address to be a guaranteed black... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-23 |
Mark Wooding | local.m4: A new network for the SGO VPN. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-23 |
Mark Wooding | functions.m4, classify.m4: Handle negative address... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-23 |
Mark Wooding | Make FW_NOACT work properly. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-17 |
Mark Wooding | local.m4: Declare network for anycast services. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-17 |
Mark Wooding | local.m4: Reorder forwarding networks for `default'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-17 |
Mark Wooding | local.m4: Move `vpn' to the common networks section. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-12 |
Mark Wooding | Overhaul address classification for link-local and... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-12 |
Mark Wooding | functions.m4: Publish the per-class forwarding bitmasks. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-12 |
Mark Wooding | functions.m4: The mark-{from,to}-* rules no longer... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-12 |
Mark Wooding | classify.m4: Use canonical forms for IPv6 addresses. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-12 |
Mark Wooding | local.m4: Actually use the IPv6 fragmentation forbiddin... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-12 |
Mark Wooding | Extend proper ICMP handling to IPv6. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-12 |
Mark Wooding | bookends.m4: Optimize checking for forwarding IPv6... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-11 |
Mark Wooding | vampire.m4: Extend services to untrusted hosts over... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-11 |
Mark Wooding | Introduce variable for expected input chains. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-11 |
Mark Wooding | local.m4: Fix the `safe' network prefix length. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-11 |
Mark Wooding | local.m4: Define the IPv6 network structure. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-11 |
Mark Wooding | local.m4: Add routes to/from the `safe' network. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-11 |
Mark Wooding | local.m4: The VPN will be available through the colo. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-11 |
Mark Wooding | functions.m4: Correct defaulting of IPv6 host addresses. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-08 |
Mark Wooding | classify.m4: Reject the RFC5737 documentation-only... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-07 |
Mark Wooding | Move per-host filtering to diversion 86 as promised. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-07 |
Mark Wooding | local.m4: Add `unsafe' to ibanez `br-dmz' interface. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-07 |
Mark Wooding | functions: Move NTP server list out of line. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-06 |
Mark Wooding | local.m4: Allow dmz/jump packets on unsafe/colo network... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-06 |
Mark Wooding | radius.m4: Forbid traffic directly to the NAT address. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-06 |
Mark Wooding | radius.m4: Use the correct interface name for NAT. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-06 |
Mark Wooding | local.m4: Fix IGMP acceptance (debris from old interfac... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-05 |
Mark Wooding | functions.m4: Write the netclass ids to the trace output. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-05 |
Mark Wooding | bookends.m4: If debugging, dump the final tables. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-05 |
Mark Wooding | Determine forwarding and reverse-path filtering from... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-05 |
Mark Wooding | Overhaul address classification. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-05 |
Mark Wooding | local.m4: Promote the NTP server configuration to a... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-05 |
Mark Wooding | Renumber the diversions. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-05 |
Mark Wooding | fixup! WIP on emergency: 7a108d1 Makefile: New target... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-05 |
Mark Wooding | Makefile: New target for tracking diversions. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-03-05 |
Mark Wooding | Makefile, base.m4: Inject the target hostname into... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-02-12 |
Mark Wooding | numbers.m4, gibson.m4: Allow gibson to receive IPMI... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-02-12 |
Mark Wooding | bookends.m4: Open up tables we clobbered at exit. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-02-11 |
Mark Wooding | fender: New host, with basic firewall. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-02-11 |
Mark Wooding | numbers.m4, vampire.m4: Serve TFTP to the untrusted... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2012-02-11 |
Mark Wooding | numbers.m4, gibson.m4: Allow gibson public SIP access. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-23 |
Mark Wooding | jem.m4: Add a hook for SAUCE. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-23 |
Mark Wooding | functions.m4: New function for arranging that an ipset... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-23 |
Mark Wooding | functions.m4: Make clearchain tolerant of existing... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-23 |
Mark Wooding | bookends.m4: Much more intelligent initialization. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-23 |
Mark Wooding | jem.m4: Remove SMB for untrusted hosts. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-23 |
Mark Wooding | functions.m4: Rate-limit rejections on error chains. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-17 |
Mark Wooding | bookends.m4: Provide a hook chain for fail2ban. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-15 |
Mark Wooding | radius.m4: Allow IPv6 tunnel from Hurricane Electric... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-15 |
Mark Wooding | functions.m4, numbers.m4: Define protocol number for... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-15 |
Mark Wooding | bookend.m4: Finish off the IPv6 chains. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-13 |
Mark Wooding | hosts: Allow incoming ident requests. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-10 |
Mark Wooding | radius.m4: Take over NAT duties. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| 2011-07-10 |
Mark Wooding | Major network restructuring. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
| next |
~mdw / firewall / shortlog