Guillaume Castagnino
|
e0cf19757d
|
route ldap through vpn
|
2024-02-03 06:41:25 +01:00 |
|
Guillaume Castagnino
|
a40a9efee4
|
conf for docker
|
2023-11-22 11:31:38 +01:00 |
|
Guillaume Castagnino
|
03685e71c4
|
allow k8s
|
2023-10-24 09:50:50 +02:00 |
|
Guillaume Castagnino
|
a3b3bad4fd
|
rules for internal network inc vm was lost somewhere
|
2023-07-19 13:07:34 +02:00 |
|
Guillaume Castagnino
|
f3687c8fa6
|
open port for http3
|
2023-06-23 19:30:51 +02:00 |
|
Guillaume Castagnino
|
d6b3e24f0a
|
fix vpn range
|
2023-06-10 06:44:43 +02:00 |
|
Guillaume Castagnino
|
a0c909299f
|
fix range
|
2023-06-08 12:02:53 +02:00 |
|
Guillaume Castagnino
|
30b5eef574
|
align
|
2023-06-02 17:12:56 +02:00 |
|
Guillaume Castagnino
|
a6189a6f43
|
drop eth1
|
2023-06-02 17:09:11 +02:00 |
|
Guillaume Castagnino
|
cf93278433
|
up ew vpn
|
2023-06-02 16:08:42 +02:00 |
|
Guillaume Castagnino
|
e71832a8fb
|
update for new vpn
|
2023-06-02 16:08:05 +02:00 |
|
Guillaume Castagnino
|
dcf60578ec
|
up wg
|
2023-04-20 14:55:44 +02:00 |
|
Guillaume Castagnino
|
27142d6b6e
|
purge ubika from yavin (old laptop)
|
2023-04-20 14:40:52 +02:00 |
|
Guillaume Castagnino
|
c9fe45d4aa
|
fork bespin
|
2023-04-20 08:54:11 +02:00 |
|
Guillaume Castagnino
|
8560e9724a
|
relax ssh rate limiting, often hit with git
|
2023-03-17 10:29:49 +01:00 |
|
Guillaume Castagnino
|
4cdfa02ba2
|
feat: open pop3s
|
2022-11-24 09:52:02 +01:00 |
|
Guillaume Castagnino
|
072809e931
|
restrict wlan to net
|
2022-11-17 11:45:17 +01:00 |
|
Guillaume Castagnino
|
810095c313
|
add wlan
|
2022-11-12 11:00:11 +01:00 |
|
Guillaume Castagnino
|
5ab7b285f8
|
update ipv6 range
|
2022-10-07 15:57:44 +02:00 |
|
Guillaume Castagnino
|
3b9a4c1ba7
|
comment avahi stuff
|
2022-08-31 09:21:52 +02:00 |
|
Guillaume Castagnino
|
e47544c091
|
allow to contact docker, allow docker to reach ubika
|
2022-08-25 10:39:43 +02:00 |
|
Guillaume Castagnino
|
d23e7c555e
|
add spice
|
2022-08-22 15:18:38 +02:00 |
|
Guillaume Castagnino
|
f56e6db443
|
rules cleanup, allow remote spice inside VPN network (ssh tunnel currently broken)
|
2022-08-22 11:07:59 +02:00 |
|
Guillaume Castagnino
|
1822a998da
|
allow direct spice connection without ssh tunelling (currently broken within virt-manager)
|
2022-08-22 11:00:27 +02:00 |
|
Guillaume Castagnino
|
ecee68e805
|
Revert "open ldap for davmail"
This reverts commit 13419a1629 .
|
2022-08-11 17:51:54 +02:00 |
|
Guillaume Castagnino
|
13419a1629
|
open ldap for davmail
|
2022-08-10 14:59:53 +02:00 |
|
Guillaume Castagnino
|
54d56417bf
|
add ovh
|
2022-06-10 17:30:43 +02:00 |
|
Guillaume Castagnino
|
738686a763
|
update preprod ip
|
2022-06-02 14:13:34 +02:00 |
|
Guillaume Castagnino
|
08b4ea4be0
|
drop RS networks
|
2022-03-31 17:00:15 +02:00 |
|
Guillaume Castagnino
|
4c388a86d6
|
update bespin fw rules
|
2022-03-29 16:11:43 +02:00 |
|
Guillaume Castagnino
|
43e86f047e
|
move docker
|
2022-03-21 14:34:47 +01:00 |
|
Guillaume Castagnino
|
676523e535
|
allow vsphere preprod
|
2022-03-02 20:59:04 +01:00 |
|
Guillaume Castagnino
|
09e62a34be
|
update vpn rules
|
2022-02-15 13:35:34 +01:00 |
|
Guillaume Castagnino
|
29f01e301c
|
adapt for new VPN
|
2022-02-15 13:06:33 +01:00 |
|
Guillaume Castagnino
|
874b341580
|
drop ldap
|
2021-11-14 16:45:41 +01:00 |
|
Guillaume Castagnino
|
50ae4e0411
|
add counter
|
2021-10-20 12:03:43 +02:00 |
|
Guillaume Castagnino
|
60144e0c99
|
add ftp helper
|
2021-10-20 08:37:26 +02:00 |
|
Guillaume Castagnino
|
8e7949070d
|
drop remaining defailt policy, add comments in generated file to ease reading
|
2021-10-18 08:48:13 +02:00 |
|
Guillaume Castagnino
|
b436721e11
|
put uname in generated file
|
2021-10-16 19:20:24 +02:00 |
|
Guillaume Castagnino
|
2faf42e335
|
move scripts, remove obsolete one
|
2021-10-16 15:34:57 +02:00 |
|
Guillaume Castagnino
|
f6321e9f7f
|
allow to override rules to generate for other rulesets in debug mode, add nft check
|
2021-10-16 15:33:08 +02:00 |
|
Guillaume Castagnino
|
f41e46b8df
|
fix ifname syntax
|
2021-10-16 15:20:30 +02:00 |
|
Guillaume Castagnino
|
353a12bee7
|
do not load rules from perl script, use it as a nft script generator, it allows atomic loading right with the correct default policy from the beginning instead of modifying afterwards
|
2021-10-16 15:16:55 +02:00 |
|
Guillaume Castagnino
|
a65f46a546
|
fix last ranges
|
2021-10-15 07:28:23 +02:00 |
|
Guillaume Castagnino
|
8f29ce0780
|
fix rules
|
2021-10-14 17:05:21 +02:00 |
|
Guillaume Castagnino
|
bac85e5ebb
|
fix rate limit rules, drop over so that rules can flow on next rules
|
2021-10-14 09:57:17 +02:00 |
|
Guillaume Castagnino
|
069819b653
|
the drop rule is not needed as it’s dropped by the default policy
|
2021-10-14 09:09:33 +02:00 |
|
Guillaume Castagnino
|
f7b27ce62c
|
group dropped icmp types
|
2021-10-14 08:59:53 +02:00 |
|
Guillaume Castagnino
|
1aa128338d
|
explicitely drop invalid packets at the beginning, will avoid undesirables effects if I decide to reject
|
2021-10-14 07:43:04 +02:00 |
|
Guillaume Castagnino
|
bc6498ff84
|
explicitely drop invalid packets at the beginning, will avoid undesirables effects if I decide to reject
|
2021-10-14 07:42:05 +02:00 |
|