rc/friwall
2
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
64 commits 1 branch 0 tags 160 KiB
Commit graph

26 commits

Author SHA1 Message Date
Timotej Lazar d123db4e64 Consolidate NAT and VPN settings into IP sets 
I have tried every possible permutation and I think this is the one.

NetBox-managed IP prefixes are pushed with ansible to firewall master.
The managed prefixes are added to custom IP sets defined in the app,
but only NAT addresses and VPN groups can be configured for them.

This way all NAT and VPN policy is (again) configured in the app. Also
both NetBox-managed and user-defined networks are treated the same.

Also improve^Wtweak config generation. Also templates.
 2024-04-30 20:57:46 +02:00
Timotej Lazar f8d71b7b06 vpn: fix key name regex 2024-04-25 12:32:39 +02:00
Timotej Lazar 2ebc87f308 firewall: tweak instructions some more 2024-04-24 10:29:49 +02:00
Timotej Lazar 880c6b4140 friwall: tweak instructions 
For no particularly good reason.
 2024-04-23 12:38:32 +02:00
Timotej Lazar 85714f83b9 Warn about deleting key for active connection 2023-12-10 13:21:52 +01:00
Timotej Lazar ff2246df8c vpn: configure IPv6 addresses for WG clients 2023-12-08 17:12:37 +01:00
Timotej Lazar c09410f731 Show allowed characters when creating new WG key 2023-10-03 11:38:07 +02:00
Timotej Lazar ea6ca9b55d Tweak HTML templates 2023-09-15 14:57:42 +02:00
Timotej Lazar d704202e6e Parametrize wg.conf template 2023-09-15 14:24:22 +02:00
Timotej Lazar 9dc0fbb4fe Switch to OIDC authentication 2023-09-07 11:46:57 +02:00
Timotej Lazar 5add39a8a7 Add form for editing ipsets 2023-07-24 16:43:57 +02:00
Timotej Lazar 8c824fe9e6 Improve admin settings page 
The improvements are mostly cosmetic^Wquestionable.
 2023-07-07 13:23:51 +02:00
Timotej Lazar dd607dbddd Add a nicer response for TimeoutError 2023-07-07 10:15:02 +02:00
Timotej Lazar 6b72316076 Add node status page 2023-07-07 10:13:55 +02:00
Timotej Lazar 5262c64244 Add form for editing NAT addresses 2023-07-07 08:20:35 +02:00
Timotej Lazar 8b8c675759 Rename networks.json to ipsets.json 
Getting ready for some changes.
 2023-07-06 16:28:15 +02:00
Timotej Lazar 1ff6c9d0d3 Tweak templates for editing and managing rules 2023-07-04 12:18:01 +02:00
Timotej Lazar 765d4a3ce7 Add support for managing forwarding rules 2023-05-29 12:24:21 +02:00
Timotej Lazar 9272b3f8e3 Improve landing page slightly 2023-05-19 09:00:01 +02:00
Timotej Lazar aeae0f8a29 Rework NAT settings again 2023-05-19 08:31:49 +02:00
Timotej Lazar 968a2736d2 Rework NAT settings 
Support static NAT for L2 server networks. Also some other minor
tweaks.
 2023-05-11 10:37:54 +02:00
Timotej Lazar 9476a28674 Rename “comment”→“name” in wg key config 2023-04-24 09:54:23 +02:00
Timotej Lazar f8c9341315 wg-fri.conf: keep standard AllowedIPs even when allowing all traffic 
So it is easier to change later if needed.
 2023-04-06 10:19:35 +02:00
Timotej Lazar 42b16c8ac5 Fix whitespace in wireguard config template 2023-02-06 16:58:59 +01:00
Timotej Lazar 3cf207047e Remove unimplemented DNAT settings 
For now.
 2023-01-26 16:28:32 +01:00
Timotej Lazar 113992f95b Make a squash 2023-01-26 10:51:51 +01:00