Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
076275c154
core-agent-linux/network
History
Pawel Marczewski 63d8065e4f
firewall: drop INVALID state TCP packets 
Packets detected as INVALID are ignored by NAT, so if they are not
dropped, packets with internal source IPs can leak to the outside
network.

See:

https://bugzilla.netfilter.org/show_bug.cgi?id=693
http://www.smythies.com/~doug/network/iptables_notes/

Fixes QubesOS/qubes-issues#5596.
2020-01-24 19:01:00 +01:00
..
00notify-hook
30-qubes-external-ip
80-qubes.conf
ip6tables Update rule priorities for anti-spoofing 2020-01-10 09:19:32 +01:00
ip6tables-enabled firewall: drop INVALID state TCP packets 2020-01-24 19:01:00 +01:00
iptables firewall: drop INVALID state TCP packets 2020-01-24 19:01:00 +01:00
iptables-updates-proxy
network-manager-prepare-conf-dir Refactor and handle new network qubesdb configuration 2019-06-18 18:49:42 +02:00
nm-30-qubes.conf
qubes-fix-nm-conf.sh NetworkManager config - Add dns=default 2019-08-16 14:21:13 +00:00
qubes-iptables Fixes issue #3939 2018-05-31 14:02:15 -04:00
qubes-nmhook network: reload DNS only on "up" event from NetworkManager 2018-02-10 22:12:44 +01:00
qubes-setup-dnat-to-ns network: fix issues found by shellcheck 2017-09-30 04:43:04 +02:00
setup-ip Handle errors for non-present ip gateways 2019-06-22 17:40:25 +02:00
show-hide-nm-applet.desktop
show-hide-nm-applet.sh
tinyproxy-updates.conf updates-proxy: explicitly block connection looping back to the proxy IP 2015-12-04 14:57:07 +01:00
udev-qubes-network.rules Refactor and handle new network qubesdb configuration 2019-06-18 18:49:42 +02:00
update-proxy-configs Mention Update Proxy in configuration 2019-12-01 13:41:54 +01:00
updates-blacklist
vif-qubes-nat.sh
vif-route-qubes network: don't fail the whole vif setup if IPv6 is disabled 2019-10-06 06:19:16 +02:00