Squid - firewall rules sanitization and fixes #305

Merged (7 commits), Feb 22, 2017

Conversation

@doktornotor (Contributor) commented Feb 14, 2017

Transparent proxy:

  • Use rdr pass to pass traffic.
  • Fix the rules so that they no longer pass traffic to 80/443 (plus 3128/3129) to everywhere except the transparent proxy interface(s), which was impossible to override by user rules due to the quick option being used.
  • Fix faulty logic where no rules were generated for transparent proxy when 'Allow Users on Interface' was not checked. Split and move these checks to proper places to skip either the NAT rules or the filter rules as needed.

Non-transparent proxy:

  • Pass the traffic to the configured proxy interface and ports only.
  • Fix the rules so that the required traffic is passed to proxy when 'Allow Users on Interface' is checked.

Others:

  • Fixes/updates for PPPoE handling.
  • Add lots of comments here to avoid future confusion.

XMLRPC

  • Add configurable username for XMLRPC sync for 2.4. Defaults to "admin" if blank, no problems with 2.3.x

For a quick idea, here's a comparison of rules generated by the old and new code, with a really simple setup:

  • LAN = igb0_vlan10 being a non-transparent interface
  • WLAN = igb0_vlan88 being set up as transparent interface with SSL/MITM
    proxy ports default 3128/3129
  • RFC1918 excluded from proxying

Old rules

no rdr on igb0_vlan88 inet proto tcp from any to 192.168.0.0/16 port = http
no rdr on igb0_vlan88 inet proto tcp from any to 192.168.0.0/16 port = https
no rdr on igb0_vlan88 inet proto tcp from any to 172.16.0.0/12 port = http
no rdr on igb0_vlan88 inet proto tcp from any to 172.16.0.0/12 port = https
no rdr on igb0_vlan88 inet proto tcp from any to 10.0.0.0/8 port = http
no rdr on igb0_vlan88 inet proto tcp from any to 10.0.0.0/8 port = https

rdr on igb0_vlan88 inet proto tcp from any to ! (igb0_vlan88) port = http -> 127.0.0.1 port 3128
rdr on igb0_vlan88 inet proto tcp from any to ! (igb0_vlan88) port = https -> 127.0.0.1 port 3129

pass in quick on igb0_vlan88 proto tcp from any to ! (igb0_vlan88) port = http flags S/SA keep state
pass in quick on igb0_vlan88 proto tcp from any to ! (igb0_vlan88) port = https flags S/SA keep state
pass in quick on igb0_vlan88 proto tcp from any to ! (igb0_vlan88) port = 3128 flags S/SA keep state
pass in quick on igb0_vlan88 proto tcp from any to ! (igb0_vlan88) port = 3129 flags S/SA keep state

New rules

no rdr on igb0_vlan88 inet proto tcp from any to 192.168.0.0/16 port = http
no rdr on igb0_vlan88 inet proto tcp from any to 192.168.0.0/16 port = https
no rdr on igb0_vlan88 inet proto tcp from any to 172.16.0.0/12 port = http
no rdr on igb0_vlan88 inet proto tcp from any to 172.16.0.0/12 port = https
no rdr on igb0_vlan88 inet proto tcp from any to 10.0.0.0/8 port = http
no rdr on igb0_vlan88 inet proto tcp from any to 10.0.0.0/8 port = https

rdr pass on igb0_vlan88 inet proto tcp from any to ! (igb0_vlan88) port = http -> 127.0.0.1 port 3128
rdr pass on igb0_vlan88 inet proto tcp from any to ! (igb0_vlan88) port = https -> 127.0.0.1 port 3129

pass in quick on igb0_vlan10 proto tcp from any to (igb0_vlan10) port = 3128 flags S/SA keep state
pass in quick on igb0_vlan88 proto tcp from any to (igb0_vlan88) port = 3128 flags S/SA keep state
pass in quick on lo0 proto tcp from any to (lo0) port = 3128 flags S/SA keep state
pass in quick on igb0_vlan10 proto tcp from any to (igb0_vlan10) port = 3129 flags S/SA keep state
pass in quick on igb0_vlan88 proto tcp from any to (igb0_vlan88) port = 3129 flags S/SA keep state
pass in quick on lo0 proto tcp from any to (lo0) port = 3129 flags S/SA keep state

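To make the before/after difference concrete, here is an added stand-alone model of the rule generation described above. It is example code written for this page, not the package's own PHP (squid.inc): it reproduces the rule text shown in the listing from a constructed config and adds a small evaluator that reports what the package rules alone decide for a given inbound SYN. The CONFIG dict, the interface addresses in IFACE_ADDRS, the Packet type and the evaluate() function are assumptions of this example; the evaluator is deliberately simplified (NAT before filter, no state tracking, user rules not modelled).

```python
"""Model of the pf rules the Squid package generates for proxy traffic,
before and after this PR.  Added example, not the package's own code."""
import ipaddress
from dataclasses import dataclass

# Constructed config mirroring the PR's example: LAN (igb0_vlan10) is a
# plain proxy interface, WLAN (igb0_vlan88) is transparent with SSL/MITM,
# RFC1918 is excluded from proxying.  Interface addresses are assumed.
CONFIG = {
    "proxy_ifaces": ["igb0_vlan10", "igb0_vlan88", "lo0"],
    "transparent_ifaces": ["igb0_vlan88"],
    "ssl_intercept": True,
    "proxy_port": 3128,
    "ssl_port": 3129,
    "no_rdr_nets": ["192.168.0.0/16", "172.16.0.0/12", "10.0.0.0/8"],
}
IFACE_ADDRS = {"igb0_vlan10": "10.10.0.1", "igb0_vlan88": "10.88.0.1",
               "lo0": "127.0.0.1"}                      # assumed addresses
PORT_NAMES = {80: "http", 443: "https"}   # pf prints well-known ports by name


def _pname(port):
    return PORT_NAMES.get(port, str(port))


def _rdr_ports(cfg):
    """(destination port, local Squid port) pairs that get redirected."""
    pairs = [(80, cfg["proxy_port"])]
    if cfg["ssl_intercept"]:
        pairs.append((443, cfg["ssl_port"]))
    return pairs


def nat_rules(cfg, rdr_pass):
    """'no rdr' exclusions first, then redirects to 127.0.0.1.
    rdr_pass=False gives the old plain 'rdr', True the PR's 'rdr pass'."""
    rules = []
    for ifc in cfg["transparent_ifaces"]:
        for net in cfg["no_rdr_nets"]:
            for dport, _ in _rdr_ports(cfg):
                rules.append(f"no rdr on {ifc} inet proto tcp from any "
                             f"to {net} port = {_pname(dport)}")
        kw = "rdr pass" if rdr_pass else "rdr"
        for dport, to in _rdr_ports(cfg):
            rules.append(f"{kw} on {ifc} inet proto tcp from any to ! ({ifc}) "
                         f"port = {_pname(dport)} -> 127.0.0.1 port {to}")
    return rules


def old_filter_rules(cfg):
    """Pre-PR: on each transparent interface pass 80/443/3128/3129 to any
    destination except the interface itself, with 'quick'."""
    ports = [80, 443, cfg["proxy_port"], cfg["ssl_port"]]
    return [f"pass in quick on {ifc} proto tcp from any to ! ({ifc}) "
            f"port = {_pname(p)} flags S/SA keep state"
            for ifc in cfg["transparent_ifaces"] for p in ports]


def new_filter_rules(cfg):
    """Post-PR: pass only the proxy ports on each proxy interface's own
    addresses; redirected traffic is passed by 'rdr pass' instead."""
    return [f"pass in quick on {ifc} proto tcp from any to ({ifc}) "
            f"port = {p} flags S/SA keep state"
            for p in (cfg["proxy_port"], cfg["ssl_port"])
            for ifc in cfg["proxy_ifaces"]]


@dataclass(frozen=True)
class Packet:
    iface: str   # interface the SYN arrives on
    dst: str     # destination address
    dport: int   # destination port


def evaluate(cfg, pkt, new):
    """What the package rules alone do with an inbound SYN: 'redirected'
    (sent to Squid and passed), 'passed' (passed by a quick rule without
    redirection, so user rules never see it) or 'user rules' (falls
    through to the user's own ruleset)."""
    dst = ipaddress.ip_address(pkt.dst)
    to_self = pkt.dst == IFACE_ADDRS.get(pkt.iface)
    excluded = any(dst in ipaddress.ip_network(n) for n in cfg["no_rdr_nets"])
    transparent = pkt.iface in cfg["transparent_ifaces"]
    redirected = (transparent and not to_self and not excluded
                  and pkt.dport in [d for d, _ in _rdr_ports(cfg)])
    proxy_ports = (cfg["proxy_port"], cfg["ssl_port"])
    if new:
        if redirected:
            return "redirected"
        if pkt.iface in cfg["proxy_ifaces"] and to_self and pkt.dport in proxy_ports:
            return "passed"
        return "user rules"
    # Old set: the quick rules match any non-interface destination on
    # 80/443/3128/3129 whether or not rdr applied (after rdr the filter
    # sees 127.0.0.1:3128/3129, which also matches).
    if transparent and not to_self and pkt.dport in (80, 443) + proxy_ports:
        return "redirected" if redirected else "passed"
    return "user rules"


if __name__ == "__main__":
    for line in nat_rules(CONFIG, rdr_pass=True) + new_filter_rules(CONFIG):
        print(line)
    for p in (Packet("igb0_vlan88", "10.0.0.1", 80),       # excluded net
              Packet("igb0_vlan88", "203.0.113.5", 3128),  # external :3128
              Packet("igb0_vlan10", "10.10.0.1", 3128)):   # LAN -> local Squid
        print(p, "old:", evaluate(CONFIG, p, new=False),
              "new:", evaluate(CONFIG, p, new=True))
```

Running it prints the same NAT and filter lines as the "New rules" listing and shows the three cases the PR text is about: a WLAN client connecting to an excluded RFC1918 host on port 80 was passed by the old quick rule (no user rule could block it) and now falls through to user rules; a WLAN client connecting to an arbitrary external host on port 3128 was likewise passed unconditionally and now is not; and a LAN client connecting to the firewall's own address on 3128 got no package rule at all before and is passed now.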
@netgate-git-updates merged commit c8d2946 into pfsense:devel Feb 22, 2017
@doktornotor deleted the patch-1 branch February 22, 2017 15:45