Commit Graph

11 Commits (271e300745b7200fc57383916d87efd6640d093e)

Author SHA1 Message Date
ovcharenko 8485b39ab3 [FIX] ufw fails asking for a direction for rules without an interface specified [#2758] (#2759) 8 years ago
ovcharenko 85aec2e07a [FIX] "Invalid interface clause" error in UFW module (#2559) (#2666)
Fixes GH-2559
8 years ago
Onni Hakala 61d5fe148c Added example to add a port range (#2712)
I tried to google for this a bit and then figured out how it actually works.
8 years ago
ovcharenko 31a027e2cd [FIX] Bug report: ufw: interface option causes an error (1.9.4) (#1491) (#2668) 8 years ago
Chris Lamb 8d7d070201 system/ufw.py: Add security warning re. removing ufw application prof…
It's not particularly obvious that removing an application will remove it
from ufw's own state, potentially leaving ports open on your box if you
upload your configuration.

Whilst this applies to a lot of things in Ansible, firewall rules might
cross some sort of line that justifies such a warning in his instance.

Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
9 years ago
Greg DeKoenigsberg 004dedba8a Changes to author formatting, remove emails 10 years ago
Nicolas Brisac bc440ade79 Allow filtering of routed/forwarded packets
MAN page states the following :

    Rules for traffic not destined for the  host  itself  but  instead  for
    traffic  that  should  be  routed/forwarded through the firewall should
    specify the  route  keyword  before  the  rule  (routing  rules  differ
    significantly  from  PF  syntax and instead take into account netfilter
    FORWARD chain conventions). For example:

        ufw route allow in on eth1 out on eth2

This commit introduces a new parameter "route=yes/no" to allow just that.
10 years ago
Toshio Kuratomi 88eff11c04 Many more doc fixes 10 years ago
Greg DeKoenigsberg 1c662556e9 Adding author's github id 10 years ago
Chris West 613b3bdda0 Enable "ufw default allow routed"
* The policy is shown in `status verbose`, so all the check mode stuff should keep working.
 * `--dry-run` works as expected.
 * No idea whether it's legal as an argument to `interface`
10 years ago
Michael DeHaan b1e789968b File extensions! 10 years ago