Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3a6e77aa43
core-agent-linux/network
History
Pawel Marczewski 63d8065e4f
firewall: drop INVALID state TCP packets 
Packets detected as INVALID are ignored by NAT, so if they are not
dropped, packets with internal source IPs can leak to the outside
network.

See:

https://bugzilla.netfilter.org/show_bug.cgi?id=693
http://www.smythies.com/~doug/network/iptables_notes/

Fixes QubesOS/qubes-issues#5596.
2020-01-24 19:01:00 +01:00
..
00notify-hook
30-qubes-external-ip
80-qubes.conf
ip6tables
ip6tables-enabled
iptables
iptables-updates-proxy
network-manager-prepare-conf-dir
nm-30-qubes.conf
qubes-fix-nm-conf.sh
qubes-iptables
qubes-nmhook
qubes-setup-dnat-to-ns
setup-ip
show-hide-nm-applet.desktop Fix show-hide-nm-applet.desktop - use OnlyShowIn=X-QUBES 2015-09-03 00:43:54 +02:00
show-hide-nm-applet.sh
tinyproxy-updates.conf updates-proxy: explicitly block connection looping back to the proxy IP 2015-12-04 14:57:07 +01:00
udev-qubes-network.rules
update-proxy-configs
updates-blacklist (redo) updates-proxy: explicitly block connection looping back to the proxy IP 2017-09-15 05:00:05 +02:00
vif-qubes-nat.sh
vif-route-qubes network: don't fail the whole vif setup if IPv6 is disabled 2019-10-06 06:19:16 +02:00