Commit Graph

  • 48331871b4 fix(firewall): allow both forward and NAT rules in same policy master gyurix 2026-06-17 10:18:24 +02:00
  • 67693d0398 fix(iptables): validate network parameters before rule insertion gyurix 2026-06-16 13:42:32 +02:00
  • d5757e623a Refactor iptables chain detection to centralize and default to DOCKER-USER gyurix 2026-06-16 12:46:25 +02:00
  • 77f80dea1b feat: add idempotent route checks and container network routes gyurix 2026-06-16 09:42:47 +02:00
  • 903bc1a7da fix: correct POSTROUTING MASQUERADE to use destination CIDR and port gyurix 2026-06-16 08:51:25 +02:00
  • d1c8eaef3e refactor(iptables): make rule insertion functions idempotent gyurix 2026-06-16 08:16:29 +02:00
  • 04322b699e feat(iptables): make rule insertions idempotent and robust gyurix 2026-06-16 00:28:13 +02:00
  • 246346f8b1 feat(docker, firewall): Add stateful network connection check and optimize NAT rules gyurix 2026-06-15 23:39:58 +02:00
  • bf94206849 feat: Add POSTROUTING MASQUERADE and periodic state reconciliation gyurix 2026-06-15 22:40:43 +02:00
  • 27607d1a2e feat: add logging to Docker and iptables operations, fix iptables path gyurix 2026-06-15 17:05:53 +02:00
  • 3172023254 fix: update iptables binary paths to use /usr/sbin instead of /sbin gyurix 2026-06-15 16:34:24 +02:00
  • 2d6e22b9e6 fix(network-go): handle reconnection gracefully and fix DNAT rule issues gyurix 2026-06-15 16:12:08 +02:00
  • 6c19e22deb refactor(docker): switch container lookup to use filtered ContainerList gyurix 2026-06-15 15:25:38 +02:00
  • aac9b83576 feat(network-go): add fuzzy container name resolution for firewall connections gyurix 2026-06-15 14:58:29 +02:00
  • c6ae1748cf fix: warn instead of error when IP forwarding fails in containers gyurix 2026-06-15 12:21:12 +02:00
  • e5e19835f9 fix: use prefix matching instead of dash stripping for container resolution gyurix 2026-06-15 12:00:26 +02:00
  • f9513cd98a fix(resolver): strip all dashes when matching container names gyurix 2026-06-15 11:55:00 +02:00
  • dea2fca7fb removed nsenter from Dockerfile install gyurix 2026-06-12 09:18:53 +02:00
  • ca29a9cce0 updated go related dockerfile gyurix 2026-06-12 09:15:10 +02:00
  • a483e5bb5f changed workspace path gyurix 2026-06-12 09:11:56 +02:00
  • 7c6009bfa5 updated drone file node selector gyurix 2026-06-12 09:09:17 +02:00
  • e990ecfeb4 updated drone steps gyurix 2026-06-12 09:07:00 +02:00
  • 154de77259 added network go cicd pipeline gyurix 2026-06-12 09:04:46 +02:00
  • fcda599ec7 added test go implementation gyurix 2026-06-08 17:02:13 +02:00
  • a555cce680 reconfigured the network stack and modified readme file gyurix 2026-06-08 16:37:44 +02:00
  • c3de398f35 added network-go project gyurix 2026-06-08 15:34:01 +02:00
  • 9271f63dd9 remove nftables installation from Dockerfile and clean up firewall-add script gyurix 2025-11-18 23:21:31 +01:00
  • e21011bec1 update node selector in Drone configuration and add nftables to Dockerfile gyurix 2025-11-18 12:50:45 +01:00
  • 4631bccf6c refactor iptables handling for improved compatibility across operating systems gyurix 2025-03-05 18:26:14 +01:00
  • 7753178b07 update to multiarch Gyurix 2025-03-05 15:03:33 +01:00
  • d4f2a46b71 update to multiarch Gyurix 2025-03-05 15:00:14 +01:00
  • 8fb4b17fda update to multiarch Gyurix 2025-03-05 14:59:15 +01:00
  • f9022cbdff checked iptables variant for multiple operating systems Gyurix 2024-08-19 16:04:30 +02:00
  • 6570137e42 IP check correction gyurix 2023-10-16 02:35:06 +00:00
  • a2301e7172 added double quote character for awk parsing first columns gyurix 2023-10-16 02:02:48 +00:00
  • de23694368 Update 'firewall/firewall-add' Gyorgy Berenyi 2023-08-23 08:31:35 +00:00
  • 12ce6a9fa3 Update 'firewall/firewall-add' Gyorgy Berenyi 2023-08-20 12:46:15 +00:00
  • 05e30e8bf3 Added delete firewall rule option gyurix 2023-08-20 07:56:32 +00:00
  • e0fc5e22b2 -n was added Linux User 2023-06-05 13:09:32 +00:00
  • 92f34fb9e2 syntax fix gyurix 2023-05-15 07:04:11 +00:00
  • 18c275bf73 ports in pair gyurix 2023-05-15 06:50:22 +00:00
  • 46fde8a19f Check TARGET IP and TARGET PORT exist gyurix 2023-04-27 12:05:27 +00:00
  • c57549e032 Introduced SOURCE_IFACE variable gyurix 2023-04-27 11:59:15 +00:00
  • fa8de49a28 Introduced SOURCE_IFACE variable gyurix 2023-04-27 10:44:43 +00:00
  • 5825811547 Remove unnecessary lines gyurix 2023-03-12 11:47:47 +00:00
  • 2ad946f90b Commented IP set when them not exist gyurix 2023-03-12 11:42:09 +00:00
  • 83e1291943 Replace iptables to iptables-legacy when NSENTER presents gyurix 2023-03-12 11:15:07 +00:00
  • 9bb484b9bb Filter when not all the variables exist for prerouting rules gyurix 2023-03-12 11:04:12 +00:00
  • 191638456e Changing IPTABLES variable to correct iptables bin gyurix 2023-03-12 10:49:27 +00:00
  • 7cce2b5394 Complete firewall in case of network defined in rules gyurix 2023-03-08 20:53:13 +00:00
  • 05aacbba3c Check how many APP_IP presents when examine IP addresses gyurix 2023-02-13 11:28:59 +00:00
  • 041f9ea00e revert firewall base to 1.8.7 gyurix 2023-02-03 11:49:57 +00:00
  • a56032cbc4 fix gyurix 2023-02-03 11:21:24 +00:00
  • 6c4f16d95f fix gyurix 2023-02-03 11:17:24 +00:00
  • f09f06764a remove all matching selectors and all selectors followed by "-" gyurix 2023-02-03 11:09:04 +00:00
  • dac7a093b5 Added selector based firewall rules creating gyurix 2023-01-25 08:57:27 +00:00
  • 8386c2aa65 Added exit line when running processes numbers are less than expected gyurix 2022-12-27 09:08:34 +00:00
  • 4ad3a0e7e5 Added exit line when running processes numbers are less than expected gyurix 2022-12-27 09:03:40 +00:00
  • ec2f7480b3 Update 'Dockerfile' Gyorgy Berenyi 2022-12-27 08:43:14 +00:00
  • 413a7133bd Bugfix gyurix 2022-12-20 10:35:46 +00:00
  • 4280ba3429 Minor bugfix gyurix 2022-11-24 12:57:23 +00:00
  • e942411335 Added validate process for getting IP address of application gyurix 2022-11-24 12:51:45 +00:00
  • 054a918370 Changed iptables version gyurix 2022-10-25 12:13:01 +00:00
  • 3046c9f262 Syntax fixing gyurix 2022-10-13 09:37:05 +00:00
  • 4c7a313e60 Changing wait time to infinity gyurix 2022-10-13 06:47:56 +00:00
  • dfc5b21d54 Adding check-line to iptables script gyurix 2022-10-10 12:35:19 +00:00
  • 1217d8b0d6 Adding check-line to iptables script gyurix 2022-10-10 11:55:48 +00:00
  • 246819fdfa Fixing roles variable filtering when exists gyurix 2022-10-03 09:40:38 +00:00
  • 69921b224f Fixing roles variable filtering when exists gyurix 2022-09-30 20:39:41 +00:00
  • f26c9dc1a2 Implementing roles filter for finding proper applications gyurix 2022-09-28 07:26:51 +00:00
  • aa78e3bb6f debugging duplication and filtering gyurix 2022-09-20 10:03:46 +00:00
  • db252ce091 debugging duplication and filtering gyurix 2022-09-20 10:01:05 +00:00
  • ae1c4d255d validating application names or IP addresses variables gyurix 2022-09-12 13:00:57 +00:00
  • a326c2646b validating application names or IP addresses variables gyurix 2022-09-12 12:51:43 +00:00
  • 91434028d9 Unknown gyurix 2022-09-12 10:33:23 +00:00
  • d8f89c422a Introducing name resolution service instead of IP addresses gyurix 2022-08-06 08:51:06 +00:00
  • c6d89dad8f When HOST variable is defined the prerouting and the postrouting segment not executed gyurix 2022-06-07 05:57:24 +00:00
  • d0b9777bfb Correcting search pattern in iptables rules table gyurix 2022-05-19 07:39:32 +00:00
  • 0c9ad36c84 Defining prerouting state gyurix 2022-05-19 07:28:11 +00:00
  • 1e1ddbb0f9 Changing postrouting IP variables for correct rule parameters gyurix 2022-05-19 06:44:34 +00:00
  • b7ec1b9549 Specifying filter process to correct iptables rules gyurix 2022-05-19 05:48:23 +00:00
  • abe47c7622 Setting prerouting and postrouting rules in one process gyurix 2022-05-19 05:29:56 +00:00
  • dd0ffa2d56 Modifying source or target IP addresses in case of POSTROUTING rules is applied gyurix 2022-05-16 09:05:26 +00:00
  • 6da9d2efd0 Changing execution orders gyurix 2022-03-21 10:46:37 +00:00
  • a4fdb05433 Changing execution order of rules gyurix 2022-03-21 10:36:00 +00:00
  • 47eea279ec Inserting source postrouting rules gyurix 2022-03-12 15:10:12 +00:00
  • 853d1e6d75 Fixing duplicated and complex postrouting firewall rules in containers gyurix 2022-03-10 21:36:22 +00:00
  • 5f5ca07582 Correcting duplicated and complex prerouting firewall rules in container gyurix 2022-03-10 21:18:37 +00:00
  • 1b9aeb6f40 Finding the duplicated prerouting rules in container firewall gyurix 2022-03-10 21:03:42 +00:00
  • fd455c3ed1 Fixing duplicated iptable rules gyurix 2022-03-10 20:44:12 +00:00
  • 264ac9c9ac Fixing duplicated iptable rules gyurix 2022-03-10 20:41:15 +00:00
  • a60422cfe6 Correcting prerouting and postrouting search filter for more precise results gyurix 2022-03-10 20:31:47 +00:00
  • 0641ee0458 Preparing iptables for /24 subnet if the ip variables have zero value at the last octet. gyurix 2022-02-28 05:43:14 +00:00
  • 869994823a Preparing firewall to create /24 subnet NAT settings. gyurix 2022-02-27 20:12:37 +00:00
  • 6411e97a7f Debug changes. gyurix 2022-02-27 17:40:33 +00:00
  • caf578b65b Debugging iptables lines duplication causes. gyurix 2022-02-27 17:30:05 +00:00
  • cf791e3e52 Changing iptables variables order. gyurix 2022-02-27 17:12:36 +00:00
  • 65df14bd1a Minor fixing. gyurix 2022-02-27 16:08:47 +00:00
  • ab1e3ad729 Minor fixing. gyurix 2022-02-27 16:05:01 +00:00
  • 9b4bc872ef Setting SOURCE_IP and TARGET_IP variables if they have not values. gyurix 2022-02-27 16:01:43 +00:00