Timotej Lazar
abc7a0728b
Generate ipsets for network groups
...
Like office and server.
2023-10-03 13:36:58 +02:00
Timotej Lazar
719bcf7c55
Improve LDAP lookup of user groups
2023-09-07 15:02:08 +02:00
Timotej Lazar
4ef3efbc68
Handle exceptions when sending mail
2023-07-07 09:04:17 +02:00
Timotej Lazar
5262c64244
Add form for editing NAT addresses
2023-07-07 08:20:35 +02:00
Timotej Lazar
8b8c675759
Rename networks.json to ipsets.json
...
Getting ready for some changes.
2023-07-06 16:28:15 +02:00
Timotej Lazar
5e65755ec0
Add error reporting over email and improve logging
2023-07-03 16:01:14 +02:00
Timotej Lazar
b55ae4d305
Use a script on firewall nodes to update config
...
So we can get some feedback to firewall master.
2023-06-28 14:17:39 +02:00
Timotej Lazar
4fb2d2c732
Add version number to config tarballs
...
Preparing to rework the updater script.
2023-06-26 18:26:35 +02:00
Timotej Lazar
5ba9c03e23
Don’t print empty element lists in nftables
...
Because nft chokes on them.
2023-06-26 10:15:03 +02:00
Timotej Lazar
6780f074c7
Support IPv6 sets
...
Also some unrelated cleanups in system.save_config.
2023-05-29 13:00:39 +02:00
Timotej Lazar
765d4a3ce7
Add support for managing forwarding rules
2023-05-29 12:24:21 +02:00
Timotej Lazar
52a5b7cd11
Use iif/oif instead of iifname/oifname in nftables rules
...
Following the change in ansible scripts.
2023-05-23 11:31:13 +02:00
Timotej Lazar
22cec64bef
Simplify database locking
...
Use a single lock for everything to ensure we don’t go inconsistent.
One exception is the firewall nodes table which is only accessed when
pushing updated config.
2023-05-19 09:30:28 +02:00
Timotej Lazar
aeae0f8a29
Rework NAT settings again
2023-05-19 08:31:49 +02:00
Timotej Lazar
968a2736d2
Rework NAT settings
...
Support static NAT for L2 server networks. Also some other minor
tweaks.
2023-05-11 10:37:54 +02:00
Timotej Lazar
2793385693
Rename some bound variables
2023-04-07 22:51:38 +02:00
Timotej Lazar
931cd3f8c1
Store generated configs in $HOME
...
And move app to ~/app.
2023-04-07 14:20:54 +02:00
Timotej Lazar
bba8193e14
Fix locking
...
Or maybe break it further.
2023-04-06 10:04:30 +02:00
Timotej Lazar
539c6ef739
Clean up imports
2023-01-26 16:28:36 +01:00
Timotej Lazar
388061130e
Decrease SSH timeout when pushing config to nodes
2023-01-26 16:15:08 +01:00
Timotej Lazar
113992f95b
Make a squash
2023-01-26 10:51:51 +01:00