mark
/
firmware
forked from freifunk-franken/firmware
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
1,179 Commits 3 Branches 0 Tags 4 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
Fabian Bläse 52e15e072c fff-firewall: Remove ssh firewall on WAN interface 
This firewall was introduced as a countermeasure for very slow routers
directly connected to the internet without any firewall.

Our routers have got quite a bit faster since then. Also, a setup like
this is highly uncommon, especially for slower routers.

Therefore this firewall rule is removed.

Fixes: #138
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
[bump PKG_RELEASE]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
 2020-09-15 13:05:49 +02:00
Adrian Schmutzler 6f132f858e firewall.d: Check for unset IF_WAN 
In some cases (mostly for one-port devices) IF_WAN was used
although not set, resulting in not obviously iptables error
messages like

- Bad argument `conntrack'

- Bad argument `REJECT'

Thus, check whether IF_WAN is set to something before using it.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
 2019-11-17 15:46:34 +01:00
Adrian Schmutzler e9268539d1 packages/fff: Only use PKG_RELEASE for our own packages 
PKG_VERSION is meant to refer to the version of external packages,
as we do e.g. in the tunneldigger package.

For our own packages, we just need the PKG_RELEASE variable.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
[Rebased onto current state of master]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
 2019-07-01 21:54:09 +02:00
Adrian Schmutzler fa2ead9306 packages/fff: Use tabs in Makefiles 
Currently, Makefile use a mixture of tabs and spaces with various
indents. This harmonizes all Makefiles to use tab indentation only.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
 2019-02-05 14:29:31 +01:00
Adrian Schmutzler f6a457fd5e fff-firewall: Fix match in ip6tables and add dependencies 
The syntax " -m state --state " seems to be not supported anymore.

The replace should not change behavior compared to
lede-17.01-based firmware.

Added required dependency.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
 2018-10-24 18:04:52 +02:00
Adrian Schmutzler e7e27c168c Utilize PKG_NAME in Makefiles 
Since there is a PKG_NAME variable, there is no need to repeat
the individual package name five times.

This makes editing and particularly copying Makefiles much
easier, as only the PKG_NAME has to be changed.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
 2017-10-16 21:20:02 +02:00
Christian Dresel bee682345a Increase SSH Connection Limit 
Signed-off-by: Christian Dresel <fff@chrisi01.de>
Reviewed-by: Jan Kraus <mayosemmel@gmail.com>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
 2016-10-30 13:05:04 +01:00
Tim Niemeyer b61830c304 fff-firewall: new package 
- moves the node<-->client ra rules to package fff-uradvd

Signed-off-by: Tim Niemeyer <tim@tn-x.org>
Reviewed-by: Tobias Klaus <tk+ff@meskal.net>
Reviewed-by: Jan Kraus <mayosemmel@gmail.com>
 2016-04-05 23:27:11 +02:00