Git-Mirrors/qubes-mirage-firewall
1
0
Fork 0
mirror of https://github.com/mirage/qubes-mirage-firewall.git synced 2024-09-29 20:26:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
23 Commits 1 Branch 18 Tags 1 MiB
491dbd9323
Commit Graph

9 Commits

Author SHA1 Message Date
Thomas Leonard
491dbd9323 Calculate checksums even for Accept action 
If packet has been NAT'd then we certainly need to recalculate the checksum,
but even for direct pass-through it might have been received with an invalid
checksum due to checksum offload. For now, recalculate full checksum in all
cases.

See #1.
 2016-01-03 14:14:00 +00:00
Thomas Leonard
96bc12c591 Log correct destination for redirected packets 
Before, we always said it was going to "NetVM".
 2016-01-02 20:38:38 +00:00
Thomas Leonard
0e8e142337 If we can't find a free port, reset the NAT table 2016-01-02 16:50:16 +00:00
Thomas Leonard
425ba26286 Reset NAT table if memory gets low 2016-01-02 15:50:05 +00:00
Thomas Leonard
aee124338a Minor cleanup 2016-01-01 13:03:18 +00:00
Thomas Leonard
1da8775814 Provide same actions to client and NetVM rules 2016-01-01 12:54:44 +00:00
Thomas Leonard
2002126b8b Rationalised firewall rules syntax 
Added explicit NAT target, allowing NAT even within client net and
making it clear that NAT is used externally.

Changed Redirect_to_netvm to NAT_to, and allow specifying any target
host.
 2016-01-01 11:32:57 +00:00
Thomas Leonard
ac0444f1c1 Log packet details when dropping 2015-12-31 09:56:58 +00:00
Thomas Leonard
cd69ce5a86 Move NAT code to router and add DNS redirects 2015-12-30 19:34:04 +00:00