HCoop / hcoop / zz_old / debian / hcoop-firewall-config.git / log
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
hcoop/zz_old/debian/hcoop-firewall-config.git
9 years agorelease master debian/10
commit | commitdiff | tree
Clinton Ebadi [Fri, 20 Mar 2015 06:02:13 +0000 (02:02 -0400)]
release

9 years agoLog output of refresh cron job to syslog
commit | commitdiff | tree
Clinton Ebadi [Fri, 20 Mar 2015 06:01:45 +0000 (02:01 -0400)]
Log output of refresh cron job to syslog

No point in sending tons of annoying mails for all is ok to logs@

9 years agorelease debian/9
commit | commitdiff | tree
Clinton Ebadi [Tue, 3 Mar 2015 00:13:40 +0000 (19:13 -0500)]
release

9 years agoRefresh firewall hourly to pick up dns changes. Bug #1136.
commit | commitdiff | tree
Clinton Ebadi [Tue, 3 Mar 2015 00:12:58 +0000 (19:12 -0500)]
Refresh firewall hourly to pick up dns changes. Bug #1136.

9 years agorelease debian/8
commit | commitdiff | tree
Clinton Ebadi [Thu, 1 May 2014 22:53:11 +0000 (18:53 -0400)]
release

9 years agoInclude stubs for files generated by domtool so firewall loads after install
commit | commitdiff | tree
Clinton Ebadi [Thu, 1 May 2014 22:52:17 +0000 (18:52 -0400)]
Include stubs for files generated by domtool so firewall loads after install

9 years agoUpgrade to config-package-dev 5.0
commit | commitdiff | tree
Clinton Ebadi [Thu, 1 May 2014 22:51:45 +0000 (18:51 -0400)]
Upgrade to config-package-dev 5.0

11 years agorelease debian/7
commit | commitdiff | tree
Clinton Ebadi [Fri, 4 Jan 2013 07:29:47 +0000 (02:29 -0500)]
release

11 years agoAllow outgoing ping
commit | commitdiff | tree
Clinton Ebadi [Fri, 4 Jan 2013 07:28:41 +0000 (02:28 -0500)]
Allow outgoing ping

11 years agorelease debian/6
commit | commitdiff | tree
Clinton Ebadi [Sun, 16 Dec 2012 03:47:23 +0000 (22:47 -0500)]
release

11 years agoOpen database ports for all nodes, at least for now.
commit | commitdiff | tree
Clinton Ebadi [Sun, 16 Dec 2012 03:46:13 +0000 (22:46 -0500)]
Open database ports for all nodes, at least for now.

11 years agorelease debian/5
commit | commitdiff | tree
Clinton Ebadi [Sun, 9 Dec 2012 01:37:19 +0000 (20:37 -0500)]
release

11 years agoAllow mail routing via smarthost
commit | commitdiff | tree
Clinton Ebadi [Sun, 9 Dec 2012 01:36:51 +0000 (20:36 -0500)]
Allow mail routing via smarthost

11 years agorelease debian/4
commit | commitdiff | tree
Clinton Ebadi [Fri, 7 Dec 2012 20:14:47 +0000 (15:14 -0500)]
release

11 years agoFerm.conf syntax fixes
commit | commitdiff | tree
Clinton Ebadi [Fri, 7 Dec 2012 20:14:05 +0000 (15:14 -0500)]
Ferm.conf syntax fixes

11 years agorelease debian/3
commit | commitdiff | tree
Clinton Ebadi [Fri, 7 Dec 2012 20:08:53 +0000 (15:08 -0500)]
release

11 years agoEnable user chains
commit | commitdiff | tree
Clinton Ebadi [Fri, 7 Dec 2012 20:07:59 +0000 (15:07 -0500)]
Enable user chains

11 years agoAllow kadmin debian/2
commit | commitdiff | tree
Clinton Ebadi [Thu, 6 Dec 2012 07:53:48 +0000 (02:53 -0500)]
Allow kadmin

11 years agoRelease debian/1
commit | commitdiff | tree
Clinton Ebadi [Fri, 7 Sep 2012 05:35:20 +0000 (01:35 -0400)]
Release

11 years agoInclude service firewall rules
commit | commitdiff | tree
Clinton Ebadi [Fri, 7 Sep 2012 05:22:51 +0000 (01:22 -0400)]
Include service firewall rules
Instead of a per-machine package, keep the ports with the service for
now. Ideally domtool would handle all of this.

12 years agoBasic restrictive firewall debian/0
commit | commitdiff | tree
Clinton Ebadi [Thu, 29 Mar 2012 06:48:44 +0000 (02:48 -0400)]
Basic restrictive firewall
* Only open ports needed for kerberos, afs, ntp, dns requests, ssh
* Only root can open http connections (for apt)
* Outgoing icmp requests disabled for now -- this was thh default,
  not certain if there are any advantages/disadvantages to this
* Include local in/out ports using local conffiles (for now, fwtool
  will surface properly eventually)

hcoop-firewall-config packaging