bol-van
|
d2548394ee
|
major config re-think and re-write
|
2024-10-25 14:36:23 +03:00 |
|
bol-van
|
e1ecd8ecb0
|
init.d: zapret_custom_firewall_nft_flush
|
2024-10-13 13:51:20 +03:00 |
|
bol-van
|
755915a3ba
|
init.d: number pools. FW_EXTRA. nft insert. customs reorder
|
2024-10-12 21:28:51 +03:00 |
|
bol-van
|
e8012ee67f
|
init.d: multiple customs
|
2024-10-12 12:33:06 +03:00 |
|
bol-van
|
aa4c3c68ff
|
move udp to nft POSTNAT scheme
|
2024-03-15 15:46:07 +03:00 |
|
bol-van
|
2f9c69b33f
|
fix incoming connbytes range
|
2024-03-14 16:04:18 +03:00 |
|
bol-van
|
76cbcf57eb
|
nft always use PRENAT mode for quic
|
2024-03-03 09:27:28 +03:00 |
|
bol-van
|
8a161f1f49
|
autottl, datanoack, oob, postnat
|
2024-03-02 17:53:37 +03:00 |
|
bol-van
|
b7a5f51064
|
ports override
|
2023-12-12 21:00:22 +03:00 |
|
bol-van
|
a9a4cd5cb4
|
nfqws: tls client hello reassemble
|
2023-11-15 19:36:34 +03:00 |
|
bol-van
|
f03bb1747f
|
nft: POSTNAT mode support
|
2023-11-07 12:04:26 +03:00 |
|
bol-van
|
ac574ce2ce
|
autohostlist mode
|
2023-10-26 15:12:32 +03:00 |
|
bol-van
|
9a87e617e4
|
QUIC support to main scripts
|
2023-07-02 18:46:26 +03:00 |
|
bol-van
|
9f303c2748
|
nft openwrt : resolve physdev behind pppoe for hw offload
|
2022-11-15 14:45:04 +03:00 |
|
bol-van
|
be077c5ae0
|
nft: flow offload test counter
|
2022-11-15 11:04:02 +03:00 |
|
bol-van
|
cf5433c6fb
|
nft hw offload optimize
|
2022-11-01 12:30:00 +03:00 |
|
bol-van
|
321a553c8f
|
fix hardware offload if not all bridge members support it
|
2022-11-01 10:39:09 +03:00 |
|
bol-van
|
e7a3c8c142
|
nft: fix chains deletion on stop_fw
|
2022-06-01 16:31:52 +03:00 |
|
bol-van
|
ef669a15a5
|
TSPU QUIC block bypass custom script
|
2022-05-29 23:07:59 +03:00 |
|
bol-van
|
5244af1838
|
nftables: flush predefrag chain
|
2022-03-22 14:24:41 +03:00 |
|
bol-van
|
38883a67a9
|
nftables: use after-srcnat postrouting hook. enable ipfrag notrack
|
2022-03-22 13:58:02 +03:00 |
|
bol-van
|
e484808b3f
|
move local var definitions
|
2022-03-04 19:06:26 +03:00 |
|
bol-van
|
7f5731c5d0
|
allow to specify protocol in helper function, do not fix tcp
|
2022-03-04 17:30:02 +03:00 |
|
bol-van
|
3a4bf75ce6
|
init: reuse builtin mode in custom scripts
|
2022-02-23 22:39:49 +03:00 |
|
bol-van
|
09416dee64
|
nft: avoid using complex maps
|
2022-02-23 16:15:01 +03:00 |
|
bol-van
|
6b3d9153f8
|
nft: use map for tpws DNAT6 targeting
|
2022-02-23 12:13:26 +03:00 |
|
bol-van
|
f49ad5d194
|
nft: do not flush ifsets on firewall stop
|
2022-02-18 15:50:53 +03:00 |
|
bol-van
|
0c58537217
|
nft: do not delete all chains on firewall down
|
2022-02-18 13:40:49 +03:00 |
|
bol-van
|
be1269d950
|
nft: try to bypass digit starting interfaces nft bug
|
2022-02-17 19:34:35 +03:00 |
|
bol-van
|
a5757eac50
|
nft: quoting interface names
|
2022-02-16 23:33:45 +03:00 |
|
bol-van
|
0d08b555e8
|
nftables: quote interface names in ifname sets
|
2022-02-16 22:08:01 +03:00 |
|
bol-van
|
0b242d6068
|
hardware offloading: resolve bridge interfaces
|
2022-02-16 21:48:02 +03:00 |
|
bol-van
|
7d1b336061
|
nft: use iif instead of iifname for lo
|
2022-02-16 17:52:16 +03:00 |
|
bol-van
|
5a1ca8d481
|
init: deduplicate shell code
|
2022-02-16 15:46:29 +03:00 |
|
bol-van
|
4dd8635f6b
|
init: nft_fill_ifsets universal
|
2022-02-15 23:11:52 +03:00 |
|
bol-van
|
95667733a6
|
nftables support
|
2022-02-15 17:16:23 +03:00 |
|