Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-05-01 | this is IPv4 only so far | mh | |
2017-04-25 | make it possibble to disable ipv6 for these rules | mh | |
2017-04-08 | migrate to dedicated params | mh | |
2017-02-19 | no need for openvpn outgoing | mh | |
2016-09-23 | add tor out rule | mh | |
2015-12-05 | add razor rules | mh | |
2015-12-05 | indentation | mh | |
2015-12-05 | there might be people who don't have a stun server | mh | |
2015-12-05 | linting | mh | |
2015-12-05 | a cleaner naming | mh | |
2015-12-05 | add rule for stun | o | |
2015-12-05 | add rule for openvpn | o | |
2015-12-05 | manage new and legacy ports of managesieve | mh | |
2015-12-05 | add rules for pyzor | mh | |
2015-12-05 | make it easier to override behaviour of the dns rules | mh | |
2015-12-05 | fix define | mh | |
2015-12-05 | migrate ipsec rules to a define so we can specify multiple zones | mh | |
2015-07-16 | shorewall::rules::libvirt::host: adjust to changes in shorewall::mangle. | intrigeri | |
That is, make the resource's title more unique by including the destination interface in it, and accordingly pass the desired action via the new, dedicated parameter. | |||
2015-05-08 | Make sure MUNINCOLLECTOR join() gets an array in munin rule | Jerome Charaoui | |
2015-02-27 | Fix DHCP from $vmz. | bertagaz | |
On newer kernel (tested on 3.16), the libvirt and shorewall iptables rules have conflicts that need to be fixed by enabling back --checksum-fill on $vmz, otherwise the VMs can't get a DHCP lease. | |||
2013-02-09 | Linting. | intrigeri | |
2013-02-09 | Allow not setting up masquerading in libvirt::host. | intrigeri | |
2013-02-09 | libvirt::host: make debproxy port configurable. | intrigeri | |
2013-01-02 | Revert "Support exempting some users from torification measures." | intrigeri | |
This reverts commit 6bc54f031b9ae12fe428c83e70733c8b2ff4c67a. This stuff is not ready for the shared repo, but we want to take benefit from me having already merged immerda's stuff into my branch and solved the conflicts. | |||
2013-01-02 | Revert "Allow redirecting DNS requests to Tor for specific users or globally." | intrigeri | |
This reverts commit 0c28fa636653f395c756f56c93f8c78fddfcee00. This stuff is not ready for the shared repo, but we want to take benefit from me having already merged immerda's stuff into my branch and solved the conflicts. | |||
2013-01-02 | Merge remote-tracking branch 'immerda/master' | intrigeri | |
2013-01-01 | make it possible to exent nets for ipsec | mh | |
2012-12-30 | Merge remote-tracking branch 'immerda/master' | intrigeri | |
2012-12-02 | Merge branch 'feature/libvirt-host' | intrigeri | |
2012-12-02 | libvirt::host: don't accept FTP from VMs. | intrigeri | |
It was meant to provide preseeding files over FTP, but the Debian installer has been supporting TFTP for a while, so no additional software is needed. | |||
2012-11-11 | Merge branch 'feature/torify-dns' into old-master | intrigeri | |
2012-11-11 | Merge branch 'feature/torification-exception' into old-master | intrigeri | |
2012-11-11 | Merge branch 'feature/libvirt-host' into old-master | intrigeri | |
2012-11-11 | Support exempting some users from torification measures. | intrigeri | |
2012-11-11 | Allow redirecting DNS requests to Tor for specific users or globally. | intrigeri | |
2012-11-11 | Import rough libvirt::host class. | intrigeri | |
2012-10-02 | add ipsec_nat rule port 4500 | Andreas | |
2012-06-20 | Revert "Support exempting some users from torification measures." | Micah Anderson | |
This reverts commit 6cb88973f53aa7d92414797dd21952c1c1d5da98. | |||
2012-06-20 | Revert "Support exempting some users from torification measures." | Micah Anderson | |
This reverts commit 6cb88973f53aa7d92414797dd21952c1c1d5da98. | |||
2012-06-20 | Merge remote-tracking branch 'immerda/master' into riseup | Micah Anderson | |
NOTE: the conflicts in the files/shorewall.conf.Debian.squeeze I resolved by favoring the actual debian squeeze shorewall.conf, there were a few options in the immerda one that were not the same. Conflicts: README files/shorewall.conf.Debian.squeeze manifests/base.pp manifests/blacklist.pp manifests/debian.pp manifests/host.pp manifests/init.pp manifests/interface.pp manifests/masq.pp manifests/nat.pp manifests/params.pp manifests/policy.pp manifests/proxyarp.pp manifests/rfc1918.pp manifests/routestopped.pp manifests/rule.pp manifests/rule_section.pp manifests/rules/out/ekeyd.pp manifests/zone.pp | |||
2012-06-20 | Support exempting some users from torification measures. | intrigeri | |
2012-06-18 | the rest will be included already by the client | mh | |
2012-06-13 | migrate away from hiera stuff | mh | |
2012-06-08 | refactor things for >2.7 | mh | |
2012-06-06 | fix for new style for 2.7 | mh | |
2011-11-05 | allow ssh_in source to be selected by hiera, better naming for the same ↵ | mh | |
option for munin | |||
2011-11-05 | configure munin things via hiera, allow interface to be chosen | mh | |
2011-08-04 | differentiate between general jabberserver and openfire | Marcel Haerry | |
2011-08-04 | new class shorewall::rules::dns::disable | Andreas Zuber | |
2011-08-04 | added rule for tomcat | Juerg Gerber | |