| 2024-05-10 |
Mark Wooding | eggle.m4, local.m4, local.mk: Add new VPS `eggle'. master |
commit | commitdiff | tree | snapshot |
| 2024-05-10 |
Mark Wooding | local.m4: Countenance non-Linode VPSes. |
commit | commitdiff | tree | snapshot |
| 2024-05-10 |
Mark Wooding | national.m4: Use public NTP servers. |
commit | commitdiff | tree | snapshot |
| 2024-05-10 |
Mark Wooding | bookends.m4: Bake in knowledge about the `iptables... |
commit | commitdiff | tree | snapshot |
| 2024-05-09 |
Mark Wooding | fender.m4: Remove ethernet-level filtering. |
commit | commitdiff | tree | snapshot |
| 2024-04-28 |
Mark Wooding | local.m4, fender.m4, radius.m4: Fixing for `fender... |
commit | commitdiff | tree | snapshot |
| 2024-04-28 |
Mark Wooding | prologue.m4: Fix exit statuses. |
commit | commitdiff | tree | snapshot |
| 2023-12-22 |
Mark Wooding | classify.m4: Explicitly class 255.255.255.255 as broadcast. |
commit | commitdiff | tree | snapshot |
| 2023-12-19 |
Mark Wooding | local.m4: Add a correct VPN entry for `groove'. |
commit | commitdiff | tree | snapshot |
| 2023-12-19 |
Mark Wooding | local.m4: Delete incorrect host entry for `groove'. |
commit | commitdiff | tree | snapshot |
| 2023-09-14 |
Mark Wooding | roadstar.m4: Allow public access to the TLS web-cache... |
commit | commitdiff | tree | snapshot |
| 2023-03-16 |
Mark Wooding | local.m4: Fix the IPv4 version of the `inbound-untruste... |
commit | commitdiff | tree | snapshot |
| 2023-02-25 |
Mark Wooding | local.mk, roadstar.m4: Move lpr service to roadstar... |
commit | commitdiff | tree | snapshot |
| 2022-05-30 |
Mark Wooding | *.m4: Actually allow NFS to untrusted hosts. |
commit | commitdiff | tree | snapshot |
| 2022-05-30 |
Mark Wooding | local.m4, etc.: Establish `inbound-untrusted' chain... |
commit | commitdiff | tree | snapshot |
| 2022-05-30 |
Mark Wooding | fender.m4, ibanez.m4, vampire.m4: Invoke `footables... |
commit | commitdiff | tree | snapshot |
| 2022-05-09 |
Mark Wooding | Merge branch 'master' of git.distorted.org.uk:~mdw... |
commit | commitdiff | tree | snapshot |
| 2022-05-09 |
Mark Wooding | numbers.m4, artist.m4: Add a second DisOrder port for... |
commit | commitdiff | tree | snapshot |
| 2022-05-09 |
Mark Wooding | local.m4: Add `mdwdev.upn'. |
commit | commitdiff | tree | snapshot |
| 2021-11-01 |
Mark Wooding | jazz.m4, numbers.m4: Allow Privoxy access to SGO VPN. |
commit | commitdiff | tree | snapshot |
| 2021-02-03 |
Mark Wooding | local.m4: Update external NTP servers. |
commit | commitdiff | tree | snapshot |
| 2020-04-08 |
Mark Wooding | local.m4: Add entry for new laptop `spirit'. |
commit | commitdiff | tree | snapshot |
| 2018-12-26 |
Mark Wooding | local.m4, precision.m4: Introduce `vpnnat' network... |
commit | commitdiff | tree | snapshot |
| 2018-12-26 |
Mark Wooding | local.mk: Reinstate mango. |
commit | commitdiff | tree | snapshot |
| 2017-10-02 |
Mark Wooding | local.m4: Filter out source routing in the firewall. |
commit | commitdiff | tree | snapshot |
| 2017-10-02 |
Mark Wooding | local.m4: Don't expect `forbidden' to return. |
commit | commitdiff | tree | snapshot |
| 2017-10-01 |
Mark Wooding | local.m4: Add the `hippotat' network. |
commit | commitdiff | tree | snapshot |
| 2017-10-01 |
Mark Wooding | classify.m4: Note the older site-local IPv6 range. |
commit | commitdiff | tree | snapshot |
| 2017-10-01 |
Mark Wooding | classify.m4: Fix typo in commentary. |
commit | commitdiff | tree | snapshot |
| 2017-09-22 |
Mark Wooding | telecaster.m4: Open the old (implicit-TLS) `ftps' port. |
commit | commitdiff | tree | snapshot |
| 2017-09-22 |
Mark Wooding | roadstar.m4, telecaster.m4: No need to open the `ftp_da... |
commit | commitdiff | tree | snapshot |
| 2017-07-02 |
Mark Wooding | base.m4: Improve LSB header to delay firewall shutdown. |
commit | commitdiff | tree | snapshot |
| 2016-10-22 |
Mark Wooding | local.m4: gibson uses untagged packets for the unsafe... |
commit | commitdiff | tree | snapshot |
| 2016-07-01 |
Mark Wooding | local.m4: Designate `vpn' as `trusted' rather than... |
commit | commitdiff | tree | snapshot |
| 2016-07-01 |
Mark Wooding | national.m4: Configure as an authoritative DNS server. |
commit | commitdiff | tree | snapshot |
| 2016-07-01 |
Mark Wooding | Finish the switchover to Andrews & Arnold. |
commit | commitdiff | tree | snapshot |
| 2016-07-01 |
Mark Wooding | fender.m4: Fix silly typo in comment. |
commit | commitdiff | tree | snapshot |
| 2016-06-27 |
Mark Wooding | local.m4: Prepare for switchover to A&A. |
commit | commitdiff | tree | snapshot |
| 2016-06-27 |
Mark Wooding | local.m4: Fix whitespace oddity. |
commit | commitdiff | tree | snapshot |
| 2016-06-15 |
Mark Wooding | fender.m4: Provide NTP service to untrusted clients. |
commit | commitdiff | tree | snapshot |
| 2016-02-07 |
Mark Wooding | New host universe. |
commit | commitdiff | tree | snapshot |
| 2015-10-01 |
Mark Wooding | local.m4, local.mk, national.m4: New virtual host ... |
commit | commitdiff | tree | snapshot |
| 2015-10-01 |
Mark Wooding | local.m4: New address range for untrusted VPN hosts. |
commit | commitdiff | tree | snapshot |
| 2015-05-11 |
Mark Wooding | functions.m4 (ntpclient): Handle NTP servers with IPv6... |
commit | commitdiff | tree | snapshot |
| 2015-05-11 |
Mark Wooding | local.m4: Allow IPv6 ping separately. |
commit | commitdiff | tree | snapshot |
| 2015-04-01 |
Mark Wooding | telecaster.m4: External SMTP service for mailing lists. |
commit | commitdiff | tree | snapshot |
| 2015-04-01 |
Mark Wooding | local.mk: Remove orange and mango. |
commit | commitdiff | tree | snapshot |
| 2015-04-01 |
Mark Wooding | jem.m4, vampire.m4: Cull some external services. |
commit | commitdiff | tree | snapshot |
| 2015-04-01 |
Mark Wooding | local.m4: gibson now uses explicit VLAN tagging. |
commit | commitdiff | tree | snapshot |
| 2015-03-26 |
Mark Wooding | functions.m4: Only call `allow-non-init-frag' on fragments. |
commit | commitdiff | tree | snapshot |
| 2015-03-26 |
Mark Wooding | jaguar.m4, local.m4: Remove jaguar completely. |
commit | commitdiff | tree | snapshot |
| 2015-03-19 |
Mark Wooding | jem.m4: External rsync service. |
commit | commitdiff | tree | snapshot |
| 2015-03-19 |
Mark Wooding | radius.m4: Stop MSS clamping on egress now the external... |
commit | commitdiff | tree | snapshot |
| 2015-02-28 |
Mark Wooding | local.m4: Reinstate detailed filtering from scary networks. |
commit | commitdiff | tree | snapshot |
| 2015-02-24 |
Mark Wooding | local.m4: Inbound restriction on untrusted is no longer... |
commit | commitdiff | tree | snapshot |
| 2015-02-16 |
Mark Wooding | local.m4: Protect the `untrusted' network from incoming... |
commit | commitdiff | tree | snapshot |
| 2015-02-16 |
Mark Wooding | classify.m4: Fix some typos in the commentary. |
commit | commitdiff | tree | snapshot |
| 2015-02-09 |
Mark Wooding | jazz.m4, numbers.m4: Expose the OpenPGP key server. |
commit | commitdiff | tree | snapshot |
| 2015-02-07 |
Mark Wooding | local.m4: Proper configuration for groove. |
commit | commitdiff | tree | snapshot |
| 2015-02-07 |
Mark Wooding | groove.m4: New host. |
commit | commitdiff | tree | snapshot |
| 2015-02-07 |
Mark Wooding | artist.m4: Further Rygel hacking. |
commit | commitdiff | tree | snapshot |
| 2014-09-05 |
Mark Wooding | artist.m4: Punch a hole for Rygel service to local... |
commit | commitdiff | tree | snapshot |
| 2014-07-15 |
Mark Wooding | local.m4: Boundary network addresses can legitimately... |
commit | commitdiff | tree | snapshot |
| 2014-07-15 |
Mark Wooding | stratocaster.m4: Permit incoming finger. |
commit | commitdiff | tree | snapshot |
| 2014-06-29 |
Mark Wooding | local.m4: Load connection tracking modules as standard. |
commit | commitdiff | tree | snapshot |
| 2014-04-27 |
Mark Wooding | classify.m4: Forbid the v4-mapped and v4-compatible... |
commit | commitdiff | tree | snapshot |
| 2014-04-21 |
Mark Wooding | local.m4: Move VPN hosts to ...:1. |
commit | commitdiff | tree | snapshot |
| 2014-04-20 |
Mark Wooding | telecaster.m4: Allow external DNS service. |
commit | commitdiff | tree | snapshot |
| 2014-04-19 |
Mark Wooding | local.m4: Replacing IPv6 host routes with /112 networks. |
commit | commitdiff | tree | snapshot |
| 2014-04-18 |
Mark Wooding | local.m4: Mention that the IPv6 VPN net is logically... |
commit | commitdiff | tree | snapshot |
| 2014-04-18 |
Mark Wooding | icmp.m4: Actually track the correct ICMPv6 protocol. |
commit | commitdiff | tree | snapshot |
| 2014-03-08 |
Mark Wooding | Makefile: Explicit stdin from terminal, so `make -j... |
commit | commitdiff | tree | snapshot |
| 2014-03-08 |
Mark Wooding | fender.m4: BCP38 source-address filtering, at ebtables... |
commit | commitdiff | tree | snapshot |
| 2014-03-08 |
Mark Wooding | fender.m4: Reformat the ebtables hacking a bit. |
commit | commitdiff | tree | snapshot |
| 2014-03-08 |
Mark Wooding | functions.m4, radius.m4: BCP38 filtering for outbound... |
commit | commitdiff | tree | snapshot |
| 2014-03-07 |
Mark Wooding | base.m4: Run firewall after local filesystems are mounted. |
commit | commitdiff | tree | snapshot |
| 2014-02-12 |
Mark Wooding | numbers.m4, stratocaster.m4: Public-facing IMAP server. |
commit | commitdiff | tree | snapshot |
| 2014-01-07 |
Mark Wooding | numbers.m4, telecaster.m4: TLS-enabled web cache. |
commit | commitdiff | tree | snapshot |
| 2013-09-10 |
Mark Wooding | local.mk: jaguar's firewall is maintained locally now. |
commit | commitdiff | tree | snapshot |
| 2013-09-04 |
Mark Wooding | fender.m4: Trap bad source IP addresses at the ethernet... |
commit | commitdiff | tree | snapshot |
| 2013-09-02 |
Mark Wooding | jazz.m4: Allow iodine hosts NATed internet access. |
commit | commitdiff | tree | snapshot |
| 2013-09-02 |
Mark Wooding | jaguar.m4, local.m4, local.mk: New host. |
commit | commitdiff | tree | snapshot |
| 2013-05-06 |
Mark Wooding | telecaster.m4: Rate-limit incoming ICP. |
commit | commitdiff | tree | snapshot |
| 2013-05-06 |
Mark Wooding | functions.m4: Partially cope with ipset(8) command... |
commit | commitdiff | tree | snapshot |
| 2013-04-19 |
Mark Wooding | numbers.m4, telecaster.m4: Expose the Squid ICP port. |
commit | commitdiff | tree | snapshot |
| 2013-04-19 |
Mark Wooding | mango.m4: Reverse NAT into the main network. |
commit | commitdiff | tree | snapshot |
| 2013-04-19 |
Mark Wooding | classify.m4: Document the source of blacklisted address... |
commit | commitdiff | tree | snapshot |
| 2013-03-26 |
Mark Wooding | jazz.m4: No, jazz is not a nameserver. |
commit | commitdiff | tree | snapshot |
| 2013-03-26 |
Mark Wooding | mango.m4: Tighten up the SNAT rules. |
commit | commitdiff | tree | snapshot |
| 2013-03-16 |
Mark Wooding | config.m4: Extend the upper limit on open ports. |
commit | commitdiff | tree | snapshot |
| 2013-02-10 |
Mark Wooding | New host `mango'. |
commit | commitdiff | tree | snapshot |
| 2013-02-09 |
Mark Wooding | classify.m4: Hook the INPUT and FORWARD chains, not... |
commit | commitdiff | tree | snapshot |
| 2013-02-09 |
Mark Wooding | ibanez.m4: Open an explicit hole for `udpkey'. |
commit | commitdiff | tree | snapshot |
| 2013-02-09 |
Mark Wooding | local.m4: Yet more explicit networks for asymmetric... |
commit | commitdiff | tree | snapshot |
| 2013-01-26 |
Mark Wooding | local.m4: New satellite network `binswood'. |
commit | commitdiff | tree | snapshot |
| 2013-01-26 |
Mark Wooding | local.m4: Make the net-class policies easier to read. |
commit | commitdiff | tree | snapshot |
| 2013-01-26 |
Mark Wooding | local.m4: Nothing should forward via `iodine'. |
commit | commitdiff | tree | snapshot |
| 2013-01-26 |
Mark Wooding | functions.m4, local.m4: Rename `forwards' to `via'. |
commit | commitdiff | tree | snapshot |
| 2013-01-13 |
Mark Wooding | New host `orange'. |
commit | commitdiff | tree | snapshot |
| 2013-01-13 |
Mark Wooding | ibanez.m4, vampire.m4: Provide NTP service to untrusted... |
commit | commitdiff | tree | snapshot |
| next |
~mdw / firewall / shortlog