2014-03-08 |
Mark Wooding | fender.m4: Reformat the ebtables hacking a bit. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2014-03-08 |
Mark Wooding | functions.m4, radius.m4: BCP38 filtering for outbound... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2014-03-07 |
Mark Wooding | base.m4: Run firewall after local filesystems are mounted. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2014-02-12 |
Mark Wooding | numbers.m4, stratocaster.m4: Public-facing IMAP server. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2014-01-07 |
Mark Wooding | numbers.m4, telecaster.m4: TLS-enabled web cache. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-09-10 |
Mark Wooding | local.mk: jaguar's firewall is maintained locally now. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-09-04 |
Mark Wooding | fender.m4: Trap bad source IP addresses at the ethernet... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-09-02 |
Mark Wooding | jazz.m4: Allow iodine hosts NATed internet access. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-09-02 |
Mark Wooding | jaguar.m4, local.m4, local.mk: New host. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-05-06 |
Mark Wooding | telecaster.m4: Rate-limit incoming ICP. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-05-06 |
Mark Wooding | functions.m4: Partially cope with ipset(8) command... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-04-19 |
Mark Wooding | numbers.m4, telecaster.m4: Expose the Squid ICP port. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-04-19 |
Mark Wooding | mango.m4: Reverse NAT into the main network. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-04-19 |
Mark Wooding | classify.m4: Document the source of blacklisted address... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-03-26 |
Mark Wooding | jazz.m4: No, jazz is not a nameserver. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-03-26 |
Mark Wooding | mango.m4: Tighten up the SNAT rules. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-03-16 |
Mark Wooding | config.m4: Extend the upper limit on open ports. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-02-10 |
Mark Wooding | New host `mango'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-02-09 |
Mark Wooding | classify.m4: Hook the INPUT and FORWARD chains, not... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-02-09 |
Mark Wooding | ibanez.m4: Open an explicit hole for `udpkey'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-02-09 |
Mark Wooding | local.m4: Yet more explicit networks for asymmetric... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-01-26 |
Mark Wooding | local.m4: New satellite network `binswood'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-01-26 |
Mark Wooding | local.m4: Make the net-class policies easier to read. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-01-26 |
Mark Wooding | local.m4: Nothing should forward via `iodine'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-01-26 |
Mark Wooding | functions.m4, local.m4: Rename `forwards' to `via'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-01-13 |
Mark Wooding | New host `orange'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-01-13 |
Mark Wooding | ibanez.m4, vampire.m4: Provide NTP service to untrusted... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2013-01-08 |
Mark Wooding | bookends.m4: Better check for bridging. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-29 |
Mark Wooding | stratocaster.m4: Provide rsync service. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-28 |
Mark Wooding | {roadstar,jem,telecaster,stratocaster}.m4: Move Git... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-28 |
Mark Wooding | artist.m4: Moved the `rawk' server to artist. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-15 |
Mark Wooding | jazz.m4, local.m4: Make jazz be a TrIPE endpoint. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-14 |
Mark Wooding | numbers.m4: Add port number for IRC. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-13 |
Mark Wooding | Makefile: If the user overrides HOSTS, don't install... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-13 |
Mark Wooding | local.m4: Add a prose commentary on address allocation. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-11 |
Mark Wooding | functions.m4: Correctly clear `to' network field in... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-11 |
Mark Wooding | classify.m4: Dispatch on destination addresses to corre... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-11 |
Mark Wooding | classify.m4: Classify individual host routes correctly. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-11 |
Mark Wooding | classify.m4: Clean up interface map tracing. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-11 |
Mark Wooding | functions.m4: Fix up commentary for `matchnets'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-11 |
Mark Wooding | local.m4, jazz.m4: Move iodine endpoint to jazz. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-12-11 |
Mark Wooding | numbers.m4, vampire.m4: Expose print server to local... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-10-14 |
Mark Wooding | radius.m4: Allow external servers to contact the identd. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-10-14 |
Mark Wooding | local.m4, radius.m4: radius is now the host gateway... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-09-12 |
Mark Wooding | local.m4: artist should expect untrusted source addrs... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-09-12 |
Mark Wooding | local.m4: Track VLAN renumbering in vampire's interface... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-06-08 |
Mark Wooding | Rate limiting for incoming DNS queries over UDP. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-06-08 |
Mark Wooding | radius.m4: Handy ipset hook for ad-hoc safe/unstrusted... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-06-08 |
Mark Wooding | local.m4: Refactor common SSH permission between safe... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-05-03 |
Mark Wooding | local.m4: Packets can be routed over the safe network. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-25 |
Mark Wooding | local.m4: Add the colocated servers to the VPN. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-23 |
Mark Wooding | local.m4: Untrusted source addresses appear on the... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-23 |
Mark Wooding | bookends.m4: Allow redirects to (non-routing) hosts. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-20 |
Mark Wooding | Configuration for new colocated virtual servers. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-20 |
Mark Wooding | local.m4: More interfaces for artist. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-20 |
Mark Wooding | local.m4: Default addresses reach the IPv6 tunnel inter... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-20 |
Mark Wooding | jem.m4, artist.m4: Allow answers to DNS queries. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-20 |
Mark Wooding | radius.m4: Load NAT helpers (from d119795). |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-20 |
Mark Wooding | bookends.m4: Configure IPv6 router advertisement stuff. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-20 |
Mark Wooding | functions.m4, local.m4: Introduce more kinds of hosts. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-04-20 |
Mark Wooding | functions.m4: Actually set the IPv6 options. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-30 |
Mark Wooding | fender.m4: Define an address to be a guaranteed black... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-23 |
Mark Wooding | local.m4: A new network for the SGO VPN. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-23 |
Mark Wooding | functions.m4, classify.m4: Handle negative address... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-23 |
Mark Wooding | Make FW_NOACT work properly. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-17 |
Mark Wooding | local.m4: Declare network for anycast services. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-17 |
Mark Wooding | local.m4: Reorder forwarding networks for `default'. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-17 |
Mark Wooding | local.m4: Move `vpn' to the common networks section. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-12 |
Mark Wooding | Overhaul address classification for link-local and... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-12 |
Mark Wooding | functions.m4: Publish the per-class forwarding bitmasks. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-12 |
Mark Wooding | functions.m4: The mark-{from,to}-* rules no longer... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-12 |
Mark Wooding | classify.m4: Use canonical forms for IPv6 addresses. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-12 |
Mark Wooding | local.m4: Actually use the IPv6 fragmentation forbiddin... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-12 |
Mark Wooding | Extend proper ICMP handling to IPv6. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-12 |
Mark Wooding | bookends.m4: Optimize checking for forwarding IPv6... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-11 |
Mark Wooding | vampire.m4: Extend services to untrusted hosts over... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-11 |
Mark Wooding | Introduce variable for expected input chains. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-11 |
Mark Wooding | local.m4: Fix the `safe' network prefix length. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-11 |
Mark Wooding | local.m4: Define the IPv6 network structure. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-11 |
Mark Wooding | local.m4: Add routes to/from the `safe' network. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-11 |
Mark Wooding | local.m4: The VPN will be available through the colo. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-11 |
Mark Wooding | functions.m4: Correct defaulting of IPv6 host addresses. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-08 |
Mark Wooding | classify.m4: Reject the RFC5737 documentation-only... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-07 |
Mark Wooding | Move per-host filtering to diversion 86 as promised. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-07 |
Mark Wooding | local.m4: Add `unsafe' to ibanez `br-dmz' interface. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-07 |
Mark Wooding | functions: Move NTP server list out of line. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-06 |
Mark Wooding | local.m4: Allow dmz/jump packets on unsafe/colo network... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-06 |
Mark Wooding | radius.m4: Forbid traffic directly to the NAT address. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-06 |
Mark Wooding | radius.m4: Use the correct interface name for NAT. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-06 |
Mark Wooding | local.m4: Fix IGMP acceptance (debris from old interfac... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-05 |
Mark Wooding | functions.m4: Write the netclass ids to the trace output. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-05 |
Mark Wooding | bookends.m4: If debugging, dump the final tables. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-05 |
Mark Wooding | Determine forwarding and reverse-path filtering from... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-05 |
Mark Wooding | Overhaul address classification. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-05 |
Mark Wooding | local.m4: Promote the NTP server configuration to a... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-05 |
Mark Wooding | Renumber the diversions. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-05 |
Mark Wooding | fixup! WIP on emergency: 7a108d1 Makefile: New target... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-05 |
Mark Wooding | Makefile: New target for tracking diversions. |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-03-05 |
Mark Wooding | Makefile, base.m4: Inject the target hostname into... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
2012-02-12 |
Mark Wooding | numbers.m4, gibson.m4: Allow gibson to receive IPMI... |
commit | commitdiff | tree | snapshot (tar.gz zip) |
next |