18 Commits

Author	SHA1	Message	Date
Johannes Zellner	1a98d6d2bd	iptables --dports only supports up to 15 ports apparently	2021-02-12 15:56:19 +01:00
Girish Ramakrishnan	4287642308	firewall: add udp ports to allowed list	2020-11-30 10:26:39 -08:00
Girish Ramakrishnan	191be658d5	firewall: fix race where blocklist was added after docker rules	2020-09-22 12:02:40 -07:00
Girish Ramakrishnan	1f209d0fb4	fix some comments	2020-09-22 11:43:14 -07:00
Girish Ramakrishnan	20e206fa43	migrate blocklist to a txt file ... this allows easy copy/pasting of existing deny lists which contain comments and blank lines	2020-09-14 12:10:29 -07:00
Girish Ramakrishnan	722808a0e4	firewall: make sure blocklist is first in the forward chain	2020-09-09 17:47:20 -07:00
Girish Ramakrishnan	b7440ee516	Do IP based check first before accepting port based checks	2020-08-31 21:55:45 -07:00
Girish Ramakrishnan	e4b06b16a9	firewall: implement blocklist	2020-08-31 21:46:07 -07:00
Girish Ramakrishnan	f0a62600af	No need to accept them here since the ports are managed by docker	2020-08-31 08:58:02 -07:00
Johannes Zellner	7e47e36773	Fix portrange notation in firewall service	2020-03-29 07:25:36 +02:00
Johannes Zellner	00b6217cab	Fix turn tls port	2020-03-29 07:09:17 +02:00
Johannes Zellner	89cf8a455a	Allow turn and stun service ports	2020-03-28 23:33:44 +01:00
Girish Ramakrishnan	9e74b666fb	More caas removal	2019-05-08 20:01:14 -07:00
Girish Ramakrishnan	a0d1016c01	containerize sftp	2019-04-04 22:43:02 -07:00
Johannes Zellner	044b27967e	Make initial sftp connection work	2019-03-19 15:24:09 -07:00
Girish Ramakrishnan	e9456f70f9	use connlimit module to rate limit ... hitcount cannot be more than 255 in recent module	2017-03-29 21:51:24 -07:00
Girish Ramakrishnan	ffbda22145	Fine tune rate limits a bit more	2017-03-29 16:03:08 -07:00
Girish Ramakrishnan	956fe86250	Add firewall service ... Docker really insists on adding itself to the top of the FORWARD chain. Making our firewall side-steps this docker design.	2017-03-29 02:31:53 -07:00