Group :: System/Configuration/Other
RPM: alterator-net-iptables
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
18 august 2023 Mikhail Efremov <sem at altlinux.org> 4.19.11-alt1
- index.scm: Don't crash on type-error.
- all: Initialize variables (closes: #37437).
- Add default values to net-ip6tables.conf (closes: #34291).
- net-dnat: Rewrite index.scm.
- net-dnat: Add init-ui function.
- net-dnat: Don't crash on type-error (closes: #37814).
- net-iptables: Add host mode support (Closes: #38505)
- Add default values to net-iptables.conf (Closes: #34291)
- Don't require a particular rpm-build version.
- NMU: Replace BuildRequires for guile on e2k arch.
- Build with new alterator (guile2).
- Use quote_shell_var instead of plain eval (closes: #33646).
- Use typed params everywhere it is possible.
- Set restart_network to 'on' by default.
- net-iptables.conf: Add restart_network option.
- Fix ULOG counters (closes: #25489).
- Only show IP version selector if more then one is available.
- Fix disabling firewall.
- Don't show IPv6 in the list if IPv6 is disabled.
- index.scm: Update ifaces and services lists on IP version change.
- iptables_helper: Allow networks in the IR module.
- iptables_helper: Fix regexp for default services.
- iptables_helper: Add default services for each IP.
- iptables_helper: Allow default services for internal ifaces.
- net-iptables-manual: Add IPv6 support.
- net-tc: Add IPv6 support.
- net-tc: Use 'ip neighbour' instead of 'arp'.
- net-bl: Add IPv6 support.
- net-iptables: Add IPv6 support.
- Add *.desktop files and config files for IPv6.
- iptables_helper: Add ip6tables support.
- Use 'conntrack' match instead of 'state'.
- ip comments support in ir module (by Vladislav Zavjalov).
- cups.desktop: add udp:631 (closes: 25467)
- allow any protocol names in service lists
- vpn.desktop: gre:;tcp:1723 (closes: 25036)
- desktop-files: add uk translations (thanks to Roman Savochenko)
- iptables_helper: add logging
- net-iptables-manual.desktop: add X-Alterator-UI=html
- sip.desktop: add tcp:1720 (h323) and udp:10000-20000 (RTP) ports
- fix desktop-files (add Firewall menu group)
- use gateway made by default
- fix manpage
- net-tc ajax.scm: go to default section after delete
- net-tc backend: don't write empty ip
- iptables_helper: add support for commit_mode
- add net-iptables-manual alterator module
- add manual mode warnings in other modules
- fix manpage
- ajax.scm: use new card-index module
- rewrite net-iptables/ajax.scm, fix l10n
- fix typo in net-iptables/ajax.scm
- net-iptables html ui: use wf=none
- iptables_helper: fix broken iptables rule
- net-iptables backend: add firsttime action
- openvpn.desktop: add tcp:1194 port
- net-tc/ajax.scm: fix translations of backend messages
- net-tc/ajax.scm: add xgettext domain
- update desktop-files
- net-tc html ui: more informative labels
- iptables_helper: fix firewalling rules
- fix net-tc and net-bl alterator modules
- use lib/srv.sh library for working with service lists
- allow port ranges
- update service list
- iptables_helper: allow ESTABLISHED,RELATED packets in FORWARD and OUTPUT chains
- net-tc: rewrite ajax.scm
- add default net-iptables.conf (closes: #21118)
- add default config for internal restrictions module
- add icmp in list of services
- iptables_helper: fix ir_del()
- iptables_helper: add DNAT rules to nat/OUTPUT
- rewrite alterator-net-tc script
- fix errors in iptables_helper script
- fix errors in net-tc, net-dnat, net-bl alterator modules
- fix net-bl/ajax.scm
- fix labels
- backends: do nothing on delete action with empty target
- add blacklist module (net-bl)
- fix del action in port redirection module
- allow port ranges in port redirection module
- remove old-style port redirection (-S parameter)
- iptables_helper: add ulogd module
- iptables_helper: fix shell_config_set1()
- iptables_helper: add port redirection module
- rewrite DNAT module
- fix IR module
- rewrite module for Internal network restrictions
- add firewalling for internal clients
- change iptables_helper script interface
(see iptables_script ir help) - fix labels in net-tc.desktop (closes: #21145)
some fixes in iptables_helper script
- fix forwarding rules
- add -m physdev --physdev-is-bridged -j ACCEPT rule to FORWARD chain
(allow forwarding through bridges)
- explicitely exit on fatals in subshells
- fix error on adding transparent squid rules
- Allow forwarding from each external iface to its networks (closes: #20143)
- net-tc: some fixes
- fix writng to net-tc.conf
- add module for traffic control, remove old fixmac module
- net-iptables backend: use netdev_read_info() from alterator-hw-functions
instead of ifaceinfo script from alterator-net-functions. (Don't use
hal/dbus, don't restart hal/dbus at every action.)
- fixmac: log rejected packets via syslog
- add fixmac alterator module
- cleanup net-dnat backend
- update manpage
- iptables_helper: fix test_vars() to pass hidden services
- use /etc/alterator/services/List to specify services shown in interfaces
- cleanup desktop-files
- iptables_helper
- fix forwarding rule for DNAT (closes: #20187)
- show -i and -e prints ifaces separated by \n
- add experimental fixmac feature
- fix spec to avoid ownerless dirs
- add ip_conntrack_ftp to /etc/net/ifaces/default/fw/iptables/modules
(closes: #19948)
- iptables_helper: open icmp by default (closes: #19865)
- add openvpn.desktop (udp:1194)
- iptables_helper script:
- fix manpage
- shorten help message
- add warnings to autogenerated config files
- iptables_helper: don't require ifaces to be existent
- iptables_helper: keep ifaces in config separated only by ";"
- add alterator-net-iptables -> iptables_helper symlink
- add manpage
- allow forwarding for dnat'ed packets (closes: #19301)
- update desktop-file translations
- Fix forwarding rules: drop all packets from external
ifaces except ones with --state ESTABLISHED,RELATED
- backends: fix interface info
- fix label
- fix po-domain in net-dnat module
- add alterator module for DNAT (with QT and HTML UI)
- move html templates to ui directory
- iptables_helper:
+ DROP all FORWARD packets from external ifaces
+ fix error in iptables_helper with writing to nat/PREROUTING table
+ change format of DNAT rules to <proto>:<ip>:<port>:<ip>:<port>
- iptables_helper: fix efw restarting
- iptables_helper: add DNAT stuff
- add zeroconf.desktop (udp:5353)
- run-parts /usr/lib/alterator/hooks/net-iptables.d/ on write
- iptables_helper: fix internal interface list
- add ip to iface list
- html ui: add class="text" to text inputs
- iptables_helper:
+ fix modify_list() to work with empty values
+ add -d option for reset action
+ fix help - backend: use router mode by default
- write network interface controller names (by inger@)
rearrange ui for these long interface names
- add options for show action ("iptables_helper show -e" shows external interfaces etc.)
- correct work without initial config
- iptables_helper: move ulogd rules setting on top (before DROP rule)
- iptables_helper: add transparent squid translations
- iptables_helper: change of command line options
- iptables_helper: options for adding and removing values from existing lists
- iptables_helper: update help
- fix ulogd rules
- don't eval set_locale()
- change labels: firewall/gateway -> router/gateway
- Rewrite all. Use iptables_helper script (see `iptables_helper help`)
- backend: fix reset_basic function - 2
- backend: fix reset_basic function
- show warning if alterator port is closed on any interface
- move help and translations to alterator-l10n
- fix work with empty chainfiles
- change policy reset function
- add ldap.desktop
- add dhcp.desktop
- forwarding setting does not depends on firewall
- more visible warning about closing alterator port
- don't ask for a confirmation when firewall is off
- don't remove foreign rules (without -j ACCEPT, -j DROP, -P)
- add ip_conntrack_ftp to /etc/net/ifaces/default/fw/iptables/modules
(for ftp passive mode)
- add cups.desktop
- rebuild with new l10n
- fix spec
- simplify warning logic when closing ahttpd port
- fix problem with desktop file translations
- warning when closing ahttpd port
- add support for extra port lists
- cache desktop data
- fix backend logic for action write
- join forms
- join to common translation database
- Initial build