 3hhh
|
1cbbcd7b80
firewall: prefer - over _ for QubesDB path
|
2 years ago |
|
3hhh
|
50e448e23a
firewall: put DNS resolving into its own function
|
3 years ago |
|
3hhh
|
795bec8038
firewall: start watches before initial load
|
3 years ago |
|
3hhh
|
78de37da92
firewall: mark an IP as handled in /qubes-firewall_handled/[ip] after
|
3 years ago |
|
3hhh
|
196014831b
firewall: refactor to remove side effects from prepare_rules()
|
3 years ago |
|
3hhh
|
2a5af195f1
Export DNS information obtained during firewall setup to QubesDB
|
3 years ago |
|
icequbes1
|
ed33374f67
Handle UnicodeError in firewall when resolving hostname
|
3 years ago |
|
Marek Marczykowski-Górecki
|
940b0f3646
Do not use legacy distutils.spawn
|
3 years ago |
|
Pawel Marczewski
|
e6eee9f4e0
update_connected_ips: set iptables policy to drop while updating
|
4 years ago |
|
Pawel Marczewski
|
a12e72b89c
update_connected_ips: reload nftables using one command
|
4 years ago |
|
Pawel Marczewski
|
4aace50313
get_connected_ips: handle empty and missing keys, add tests
|
4 years ago |
|
Pawel Marczewski
|
e43fd2fc5a
update_connected_ips: correctly handle byte-string
|
4 years ago |
|
Pawel Marczewski
|
39885a4329
firewall: fix family / family_name
|
4 years ago |
|
Pawel Marczewski
|
00fbb956b4
qubes-firewall: correctly handle empty connected-ips list
|
4 years ago |
|
Pawel Marczewski
|
cd19073d50
Update rule priorities for anti-spoofing
|
4 years ago |
|
Pawel Marczewski
|
bfe31cfec8
qubes-firewall: add anti-spoofing rules for connected machines
|
4 years ago |
|
Marek Marczykowski-Górecki
|
a899adb69e
Convert qubesagent module to python3
|
4 years ago |
|
Marek Marczykowski-Górecki
|
73648ca038
Minor codestyle fix in qubesadmin/firewall.py
|
4 years ago |
|
Peter Gerber
|
7d783b3010
Qubes firewall: correct syntax for icmpv6 rejects
|
6 years ago |
|
Marek Marczykowski-Górecki
|
a026d04c0d
qubes-firewall: reject packets instead of dropping
|
6 years ago |
|
Marek Marczykowski-Górecki
|
f6dc28106b
qubes-firewall: signal service readiness only after initial scripts
|
6 years ago |
|
Marek Marczykowski-Górecki
|
53c9b45c76
qubes-firewall: handle only traffic originating from VMs
|
6 years ago |
|
Christopher Laprise
|
10aee73bd7
Add /etc/qubes path
|
6 years ago |
|
Christopher Laprise
|
a262574f85
Add qubes-firewall.d feature
|
6 years ago |
|
Marek Marczykowski-Górecki
|
6c33652ed4
qubes-firewall: call firewall-user-script at service startup
|
6 years ago |
|
Marek Marczykowski-Górecki
|
c324b16252
firewall: allow also related traffic
|
6 years ago |
|
Marek Marczykowski-Górecki
|
3a83623647
firewall: don't crash the whole qubes-firewall service on DNS fail
|
6 years ago |
|
Marek Marczykowski-Górecki
|
4d51ea9387
Fix IPv6 support in qubes-firewall
|
6 years ago |
|
Marek Marczykowski-Górecki
|
57a3c2d67e
network: have safe fallback in case of qubes-firewall crash/error
|
6 years ago |
|
Marek Marczykowski-Górecki
|
ee0a292b21
network: rewrite qubes-firewall daemon
|
7 years ago |
