Git-Mirrors/qubes-mirage-firewall
1
0
Fork 0
mirror of https://github.com/mirage/qubes-mirage-firewall.git synced 2025-02-18 14:04:20 -05:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 7718c95f20 no_argv not needed anymore with no-default-kernelopts for the VM in Qubes palainp 2022-05-27 15:59:49 +02:00
  • f33db2b42a fix kernel name palainp 2022-04-04 10:23:54 -04:00
  • 6f257c5b7b fix opam option palainp 2022-04-04 10:10:43 -04:00
  • dbe068c0fe update qubes-builder script for mirage 4.0 palainp 2022-04-04 10:09:16 -04:00
  • 3cce2a5629 bump lower bound for mirage-xen palainp 2022-03-30 03:15:11 -04:00
  • a99d7f8792 update to mirage 4.0.0 & mirage-xen 7.0.0 palainp 2022-03-30 03:12:01 -04:00
  • ef2419bf6f
         Merge pull request #137 from hannesm/ethernet-3.0 Hannes Mehnert 2022-01-09 13:37:32 +01:00
  • ed0f7667e4 update to ethernet 3.0 API Hannes Mehnert 2022-01-09 12:36:35 +01:00
  • 1d0aaf2666
         Merge pull request #136 from hannesm/fixes Hannes Mehnert 2021-11-12 12:29:21 +01:00
  • d36676a630 update hash Hannes Mehnert 2021-11-11 10:19:29 +01:00
  • 748f803ca0 update to dns 6.1.0 Hannes Mehnert 2021-11-10 18:16:55 +01:00
  • 07c2d456ea
         Merge pull request #135 from palainp/ocaml-dns-update Thomas Leonard 2021-11-10 14:53:07 +00:00
  • 6e76ab299b update sha256 of build Hannes Mehnert 2021-11-10 15:31:36 +01:00
  • c4f9142376 DNS: address code review comments, use qubes-primary-dns from QubesDB Hannes Mehnert 2021-11-10 15:26:17 +01:00
  • 6835072104 build-with-docker: update hash Hannes Mehnert 2021-11-05 19:39:10 +01:00
  • d4e365a499 avoid fmt and cstruct deprecation warnings Hannes Mehnert 2021-11-05 19:59:00 +01:00
  • 7e3303a8d6 read DNS resolver IP addresses from QubesDB as specified in https://www.qubes-os.org/doc/vm-interface/ Hannes Mehnert 2021-11-05 19:53:39 +01:00
  • 65ff2a9203 update arp to >= 2.3.0, where arp.mirage is a sublibrary Hannes Mehnert 2020-12-03 21:19:46 +01:00
  • ba8dbc3f57 Dockerfile: update opam-repository to current master config.ml: require more recent dns and ipaddr packages Hannes Mehnert 2021-11-05 18:55:30 +01:00
  • 4cb5cfa036 update to ocaml-dns 6.0.0 interface palainp 2021-10-28 13:39:32 +02:00
  • 6080e6db30
         Merge pull request #129 from talex5/qrexecv3 Thomas Leonard 2020-12-31 15:20:58 +00:00
  • a368b12648 Update to mirage-qubes 0.9.1 for qrexec3 compatibility Thomas Leonard 2020-12-03 16:11:56 +00:00
  • b6544b4cb2
         Update README.md dalrrard 2020-11-12 13:10:09 -06:00
  • 2ba2bbf4a7 Report memory usage every 10 minutes Thomas Leonard 2020-10-29 10:19:43 +00:00
  • cfe122592d
         Merge pull request #118 from xaki23/master Thomas Leonard 2020-10-28 12:20:19 +00:00
  • 26b5b59b56
         unpin mirage+lwt versions for qubes-builder xaki23 2020-10-28 13:14:16 +01:00
  • 089f349a05
         Merge pull request #116 from talex5/solo5 Thomas Leonard 2020-10-28 12:11:00 +00:00
  • d8ae7f749c Update README Thomas Leonard 2020-10-26 15:38:14 +00:00
  • be7461a20a Switch Docker base image from Alpine to Fedora Thomas Leonard 2020-10-26 15:19:30 +00:00
  • 3dbb9ecb27 BROKEN: Upgrade to Mirage 6 for solo5 PVH support Thomas Leonard 2020-08-19 14:09:01 +01:00
  • 997446af6c
         Merge pull request #117 from hannesm/kernelopts Thomas Leonard 2020-10-24 13:38:46 +01:00
  • c173bf1cb0 README: use kernelopts='' instead of None Hannes Mehnert 2020-10-24 12:43:08 +02:00
  • 006801c03e
         Merge pull request #112 from roburio/mirage38 Thomas Leonard 2020-07-04 13:39:13 +01:00
  • aebaa2cafc update sha256 from travis run Hannes Mehnert 2020-07-03 16:55:38 +02:00
  • de0eb9d970 adapt to mirage 3.8.0 changes (ipaddr5, tcpip5); bump opam-repository hash (to get netchannel+mirage-net-xen 0.13.1) Hannes Mehnert 2020-07-03 16:39:06 +02:00
  • 094637b2de
         Merge pull request #110 from burghardt/dom0tar Thomas Leonard 2020-06-20 10:59:43 +01:00
  • f9842e8b18
         Do not run tar in dom0 (closes #84). Krzysztof Burghardt 2020-06-20 01:16:29 +02:00
  • 931987190d share host system opam cache with docker build linse 2020-06-19 09:48:16 +00:00
  • 3ee01b5243 changes for 0.7.1 0.7.1 linse 2020-06-19 08:56:33 +00:00
  • 620bbb5b35 update opam repository commit hash for release Hannes Mehnert 2020-06-19 08:24:18 +00:00
  • 6dc7de26e3
         Merge pull request #103 from roburio/xenstore-client-ip Hannes Mehnert 2020-06-18 10:35:06 +02:00
  • b5ec221e2a Handle other IP formats from xenstore. Example: "10.137.0.18 fd09:24ef:3178::a19:11" reported via https://twitter.com/t_grote/status/1262747002334408704 linse 2020-05-19 17:47:40 +02:00
  • 60ebd61b72 Update documentation. linse 2020-05-19 16:48:48 +02:00
  • 49da96d5d9
         Merge pull request #101 from roburio/release-0.7 v0.7 Hannes Mehnert 2020-05-19 14:51:11 +02:00
  • b50fd495a7 Need to copy the source directory, otherwise it does not build for us. linse 2020-05-19 14:41:13 +02:00
  • 53bf4f960c update to ocaml 4.10 and mirage 3.7.7 linse 2020-05-19 14:35:22 +02:00
  • cc534d9618 Update changes for release. linse 2020-05-19 11:07:25 +02:00
  • 17ace89ed8
         Merge pull request #100 from talex5/changes linse 2020-05-19 11:02:39 +02:00
  • 470160dcb2 Update changelog Thomas Leonard 2020-05-16 15:19:05 +01:00
  • 152202b0de
         Merge pull request #99 from xaki23/o4100 Hannes Mehnert 2020-05-16 11:12:22 +02:00
  • 6a1b012527
         bump qubes-builder ocaml-version to 4.10.0 for gcc-10 compatibility xaki23 2020-05-15 18:36:03 +02:00
  • d34842e31a
         Merge pull request #96 from roburio/squash Hannes Mehnert 2020-05-15 17:33:23 +02:00
  • 8927a45f43 [ci skip] Edit CHANGES linse 2020-05-15 17:31:30 +02:00
  • 2d78d47591 Support firewall rules with hostnames. linse 2020-04-29 16:06:48 +02:00
  • 87df5bdcc0 Read firewall rules from QubesDB. The module Rules contains a rule matcher instead of hardcoded rules now. linse 2020-04-29 15:58:01 +02:00
  • 02e515d27c
         Merge pull request #95 from hannesm/mirage-nat.2.1.0 Thomas Leonard 2020-02-19 14:27:41 +00:00
  • 65324b4197 Update Dockerfile to get new mirage-nat version Thomas Leonard 2020-02-19 14:14:26 +00:00
  • 88fec9fa49 adapt to mirage-nat 2.1.0 API (Nat_packet returns a Fragments.Cache.t - which is now a Lru.F.t) Hannes Mehnert 2020-02-08 15:58:37 +01:00
  • 554e73a46d cleanup: remove exception cases during Ethernet decode / Nat.of_ipv4_packet - they do not raise exceptions anymore Hannes Mehnert 2020-02-08 15:55:32 +01:00
  • 0ced0ee901
         Merge pull request #91 from xaki23/mirage-3.7-qb Thomas Leonard 2020-01-14 14:50:22 +00:00
  • 16581b1e2e
         Merge pull request #90 from talex5/cleanup Thomas Leonard 2020-01-14 12:54:48 +00:00
  • e68962ac48
         support mirage-3.7 via qubes-builder xaki23 2020-01-13 20:48:46 +01:00
  • 8e714c7712 Removed unreachable Lwt.catch Thomas Leonard 2020-01-13 10:05:38 +00:00
  • ab3508a936 Remove unused Clock argument to Uplink Thomas Leonard 2020-01-13 09:50:48 +00:00
  • 48b38fa992 Fix Lwt.4.5.0 in the Dockerfile for faster builds Thomas Leonard 2020-01-13 09:49:37 +00:00
  • e851565823
         Merge pull request #89 from roburio/mirage-3.7 Thomas Leonard 2020-01-13 09:45:04 +00:00
  • a734bcd2d3 [ci skip] adjust expected sha256 Hannes Mehnert 2020-01-11 16:01:08 +01:00
  • 730957d19b upgrade opam repository to current head and mirage to 3.7.4 Hannes Mehnert 2020-01-11 15:46:22 +01:00
  • 28bda78d20 fix deprecation warnings (Mirage_clock_lwt -> Mirage_clock) Hannes Mehnert 2020-01-11 15:46:02 +01:00
  • 3fc418e80c qualify all return with Lwt, use Lwt.return_unit where possible Hannes Mehnert 2020-01-11 15:39:20 +01:00
  • 0f476c4d7b mirage-nat 2.0.0 and mirage-qubes 0.8.0 compatibility Hannes Mehnert 2020-01-11 15:36:02 +01:00
  • c66ee54a9f revert bc7706cc97531aaf1f4dd0291a26c2307f32d647, mirage-xen since 5.0.0 reverted the split of OS into Os_xen Hannes Mehnert 2020-01-11 14:34:25 +01:00
  • e8f62b8532
         Merge pull request #88 from xaki23/pin-mirage-3.5.2 Thomas Leonard 2019-12-28 19:50:47 +00:00
  • 43656be181
         pin mirage to 3.5.2 for qubes-builder builds xaki23 2019-12-27 23:19:35 +01:00
  • 81fb9c8183 use released dns and pf-qubes Hannes Mehnert 2019-12-23 15:10:00 +01:00
  • dab790cb68
         Merge pull request #83 from marmot1791/marmot1791-patch-readme Thomas Leonard 2019-12-14 12:05:46 +00:00
  • dad1f6a723
         Update per review Snowy Marmot 2019-12-14 00:24:55 +00:00
  • 315fe4681e
         Note that AppVM Size may need to increase Snowy Marmot 2019-11-27 16:01:58 +00:00
  • 0aeea267af Use patched XenStore to debug unwatch crash Thomas Leonard 2019-11-22 11:32:20 +00:00
  • 706be3d823
         Merge pull request #81 from talex5/upstream-updates Thomas Leonard 2019-11-18 09:46:14 +00:00
  • 930d209cdb Fix build Thomas Leonard 2019-11-17 14:25:42 +00:00
  • 2bab775222 Update the firewall to olles changes to dns_client. linse 2019-09-28 17:56:01 +02:00
  • 7b705a3e68 Rule matching engine needs to be in Lwt.t linse 2019-09-28 16:18:41 +02:00
  • 0f5173c84e Refactor some more. Mindy 2019-09-20 11:01:36 -05:00
  • 33180cfa66 Simplify classify_client_packet. Mindy 2019-09-20 10:42:45 -05:00
  • cf17f9e403 Removede all warnings. Mindy 2019-09-20 10:15:05 -05:00
  • 319282c560 update TODO with state from our brains Mindy 2019-09-20 09:35:28 -05:00
  • 7ebe7c2fb5 replace mvar with condition Mindy 2019-09-19 11:10:02 -05:00
  • 5355237365 update TODO Mindy 2019-09-19 10:51:17 -05:00
  • b0499aa3ed wip: proper nxdomain handling Mindy 2019-09-19 10:49:37 -05:00
  • ef5261bf17 Wip Friday. linse 2019-09-13 18:05:54 +02:00
  • 4a7c63b54a un-de-reference Resolver.resolver, and leave a note about why Mindy 2019-09-12 19:01:27 -05:00
  • d9bdbbb435 Wip 2. linse 2019-09-12 18:09:37 +02:00
  • 8c9265f3d3 wip: behavior in :( dns cases linse 2019-09-12 17:29:07 +02:00
  • c2bcf89057 :x linse 2019-09-11 19:42:31 +02:00
  • 2d34e7f533 Tidy resolver. linse 2019-09-11 19:27:27 +02:00
  • f485e36527 Tidy rules. linse 2019-09-11 19:02:53 +02:00
  • 574d739fef remove unused variables Mindy 2019-09-11 11:17:30 -05:00
  • 4e27b49378 Attempt to make port tracking pure, add a note that this will not work. linse 2019-09-09 18:17:34 +02:00
  • a4a61c6531 Revert "Trying to make dns and nat port tracking stateless / pure . It does not" linse 2019-09-09 18:15:01 +02:00