Age | Commit message (Expand) | Author |
2016-08-08 | Stricter VPN egress firewall (#8289) | Micah |
2016-08-08 | Disallow intra-client connectivity (#8272). | Micah |
2016-08-05 | Disallow intra-client connectivity (#8272). | Micah |
2016-07-13 | Notify Exec[shorewall_check] not Service[shorew..] | varac |
2016-04-27 | Fix shorewall not starting with systemd (#8044) | Micah |
2016-04-18 | [style] more manual linting for custom manifests | varac |
2016-04-18 | [style] lint some custom manifests | varac |
2014-11-20 | specify the destination IP for DNAT rules for gateway addresses on port 443 (... | Micah Anderson |
2014-11-20 | minor linting | Micah Anderson |
2014-07-01 | Make shorewall accept incoming traffic for obfsproxy server | irregulator |
2014-06-25 | stunnel: make site_mx and site_webapp use new site_stunnel | elijah |
2014-06-25 | new generic system for stunnel: just `include site_stunnel` and stunnel + nee... | elijah |
2014-05-02 | fix incorrect shorewall parameter name 'protocol', should be 'proto' | Micah Anderson |
2014-04-29 | block DNS traffic at the OpenVPN gateway (#4164) | Micah Anderson |
2013-10-16 | vagrant: support other providers besides virtualbox (Bug #4158), Part 2 | varac |
2013-09-04 | make sure that the shorewall package is installed before trying to change its... | Micah Anderson |
2013-08-31 | postfix enable submission port using starttls, so the client can transition t... | Micah Anderson |
2013-08-29 | Make TLS-required smtps (465) be port for sending SMTP. This is preferred ove... | Micah Anderson |
2013-08-22 | install a preliminary firewall that blocks everything, except ssh for the cas... | Micah Anderson |
2013-08-01 | make site_shorewall::soledad use the hiera value for the soledad port | Micah Anderson |
2013-07-26 | Merge branch 'feature/soledad' into feature/leap_mx | Micah Anderson |
2013-07-25 | initial soledad configuration | Micah Anderson |
2013-07-25 | shorewall rules for site_mx | varac |
2013-06-12 | webapp should be available over http so a proper redirect can be done to https | Micah Anderson |
2013-05-16 | special casing for pistoncloud/openstack/ec2 | Micah Anderson |
2013-05-02 | fixed dnat_rules | elijah |
2013-04-30 | minor spacing changes | Micah Anderson |
2013-04-30 | setup a site_config::params class that can be used to set some common variabl... | Micah Anderson |
2013-04-04 | add Erlang Distributed Node Protocol Port json entry under bigcouch | Micah Anderson |
2013-04-04 | rename bigcouch.port to more accurate bigcouch.epmd_port | Micah Anderson |
2013-04-02 | shorewall: re-order dnat rule variables to match configuration file order | Micah Anderson |
2013-04-02 | replace hard-coded port number with hiera determined one, manipulated to remo... | Micah Anderson |
2013-04-02 | firewall: remove no longer needed epmd port | Micah Anderson |
2013-04-02 | shorewall: | Micah Anderson |
2013-04-02 | remove unnecessary class inheritance | Micah Anderson |
2013-04-02 | shorewall: add couch_server stunnel port to macro.leap_couchdb, this is neces... | Micah Anderson |
2013-04-02 | start erlang vm on dedicated port so firewalling is easier | varac |
2013-04-02 | added site_shorewall::couchdb::bigcouch | varac |
2013-04-02 | added site_shorewall::dnat to configure DNAT rules | varac |
2013-04-02 | shorewall couchdb config: get open ports right | varac |
2013-04-02 | working on stunnel for bigcouch clustering | varac |
2013-03-17 | added support for "limited" service levels (although vpn is not yet actually ... | elijah |
2013-02-27 | openvpn -- added support for optional "free" rate-limited service via special... | elijah |
2013-02-26 | missed another require => Package['shorewall'] on the file resources in site_... | Micah Anderson |
2013-02-12 | missed one require => Package['shorewall'] on of the file resources in site_s... | Micah Anderson |
2013-02-12 | file resources that make changes to shorewall need to make sure that shorewal... | Micah Anderson |
2013-02-12 | fixed shorewall is blocking api port (Bug #1735) | varac |
2013-02-11 | duplicate shortwall service definitions now inclduded from services/* | varac |
2013-02-09 | site_shorewall::monitor: allow port 80 + 443 | varac |
2013-02-06 | allow outgoing traffic moved to site_shorewall::defaults | varac |