]> git.openstreetmap.org Git - chef.git/history - cookbooks/networking
mediawiki: Use less aggressive DNSBLs
[chef.git] / cookbooks / networking /
2024-06-26 Tom HughesFix online detection for bond interfaces
2024-05-13 Tom HughesMerge remote-tracking branch 'github/pull/670'
2024-05-13 Grant Slaternetworking: do not wait for wireguard to be online
2024-04-24 Grant Slatersystemd-networkd-wait-online waiting for timeout in...
2024-03-20 Grant Slaternetworking: ensure nftables script checks input
2024-03-19 Grant Slaternetworking: add flush command to nftables script
2024-03-10 Tom HughesRemove ifupdown to stop it trying to manage the network
2023-08-08 Tom HughesExempt OSM machines from HTTP rate limits
2023-06-20 Tom HughesMerge remote-tracking branch 'github/pull/590'
2023-06-15 Grant Slaternetworking: install systemd-resolved when required
2023-05-24 Tom HughesUse source routing to pick the correct external network...
2023-05-24 Tom HughesAllow network interfaces to override role attributes
2023-03-24 Tom HughesMake sure meraxes holds a DHCPv6 lease
2023-03-21 Tom HughesRemove netplan support
2023-03-21 Tom HughesSwitch remaining machines to use systemd-networkd
2023-03-21 Tom HughesIgnore additional routes that point at ourselves
2023-03-20 Tom HughesFix typo
2023-03-20 Tom HughesDon't try and recreate bond and vlan devices
2023-03-20 Tom HughesUse correct gateway for additional routes
2023-03-20 Tom HughesAdd support for using systemd-networkd directly instead...
2023-03-20 Tom HughesImprove naming of wireguard configuration files
2023-03-20 Tom HughesDrop support for Ubuntu 18.04
2023-03-18 Tom HughesFix nftable stop on gateway machines
2023-03-18 Tom HughesEnable implicit conversion of addresses to strings
2023-03-18 Tom HughesCoerce addresses to strings
2023-03-18 Tom HughesAdd comparison operator for IP addresses
2023-03-18 Tom HughesMerge interface families
2023-03-12 Tom HughesAdd tools to block and unblock addresses
2023-03-12 Tom HughesPreserve blocklists over firewall restarts
2023-03-12 Tom HughesRemove unused template
2023-03-11 Tom HughesGeneralise configuration of firewall sets
2023-03-11 Tom HughesFix newline suppression in ERB template
2023-03-11 Tom HughesRefactor firewall rules to simplify IPv4/IPv6 handling
2023-03-08 Tom HughesDon't filter outgoing multicast packets
2023-03-07 Tom HughesFix icmp echo rate limiting
2023-03-07 Tom HughesReintroduce helper support and implement it
2023-03-07 Tom HughesSimplify rate limit and connection limit configuration
2023-03-07 Tom HughesDrop unused support for conntrack helpers
2023-03-07 Tom HughesDrop tcp vs tcp:syn distinction
2023-03-07 Tom HughesMerge http and https rules
2023-03-07 Tom HughesSimpligy configuration of port numbers in firewall...
2023-03-07 Tom HughesUse interval sets for blocklists
2023-03-07 Tom HughesRename firewall tables to avoid any clash with iptables
2023-03-06 Tom HughesDrop test override that is no longer needed
2023-03-06 Tom HughesDrop support for shorewall
2023-03-05 Tom HughesDon't expire connection limit sets
2023-03-05 Tom HughesExpire rate limit sets
2023-03-05 Tom HughesRemove size limits on firewall sets
2023-03-05 Tom HughesEnable rate limits
2023-03-05 Tom HughesEnable connections limits on a per-source basis
2023-03-05 Tom HughesDisable rate and connection limits
2023-03-05 Tom HughesAllow AWS DNS queries through the firewall
2023-03-05 Tom HughesSwitch remaining servers to nftables
2023-03-05 Tom HughesMatch interfaces by name so we can start nftables befor...
2023-03-05 Tom HughesLimit NAT to IPv4 interfaces
2023-03-04 Tom HughesFix typo
2023-03-04 Tom HughesFix flag matches to work on 20.04
2023-03-04 Tom HughesHandle machines with no external interface
2023-03-04 Tom HughesBlock unspecified and multicast addresses on the outside
2023-03-04 Tom HughesLimit echo on a per source basis
2023-03-04 Tom HughesMake nftables block various invalid TCP flag combinations
2023-03-04 Tom HughesDon't log rate limited echo request packets
2023-03-04 Tom HughesAvoid dropping third party tables when stopping an...
2023-03-04 Tom HughesEliminate need for dummy addresses in when running...
2023-03-04 Tom HughesRevert "Only flush our table to avoid disrupting other...
2023-03-04 Tom HughesOnly flush our table to avoid disrupting other nftables...
2023-03-04 Tom HughesUse named sets for OSM IP addresses
2023-03-04 Tom HughesFix port range syntax for nftables
2023-03-04 Tom HughesDon't bother disabling shorewall before we remove it
2023-03-04 Tom HughesFix typo
2023-03-04 Tom HughesUse strings for network families
2023-03-04 Tom HughesAdd support for using an nftables based firewall
2023-01-19 Tom HughesDrop wireguard tunnels from shenron to data centres
2022-12-10 Tom HughesMerge remote-tracking branch 'github/pull/528'
2022-12-04 Grant SlaterDo not install recommends for wireguard-tools
2022-10-20 Tom HughesOnly configure a primary slave in active-backup mode
2022-10-12 Grant Slatershorewall: minor config align to upstream
2022-09-24 Tom HughesLimit wireguard special casing to shenron
2022-08-03 Tom HughesMerge remote-tracking branch 'github/pull/514'
2022-08-02 Grant SlaterMerge remote-tracking branch 'tigerfell/pr257'
2022-08-01 Grant Slaterwireguard: use keepalive by default to survive NAT
2022-07-28 Grant Slaternetworking: add endpoint for my roaming device
2022-07-28 Grant Slaternetworking: grant roaming wg correct key
2022-07-28 Grant Slaternetworking: Add grant roaming wg
2022-07-11 Tom HughesUpdate shorewall to use snat configuration file instead...
2022-07-08 Grant SlaterUse Google DNS instead of Cloudflare
2021-11-10 Tom HughesUse kitchen? instead of looking for TEST_KITCHEN in...
2021-10-19 Grant SlaterAdd firefishy wireguard peer
2021-10-05 Tom HughesMark slave interfaces in a bond as optional
2021-09-26 Tom HughesAvoid installing a private network default route on...
2021-09-25 Tom HughesCleanup any netplan config created by the Ubuntu installer
2021-09-19 Tom HughesAdd equinix-dub role
2021-08-26 Tom HughesFix new cookstyle warnings
2021-08-25 Tom HughesMerge remote-tracking branch 'github/pull/440'
2021-08-25 Grant SlaterAdd shorewall stoppedrules support
2021-08-25 Grant SlaterOverride systemd shorewall to not use clear
2021-08-25 Grant SlaterAdd docker support to shorewall
2021-05-14 Tom HughesEnable unified mode for custom resources
2021-05-11 Tom HughesSort wireguard peers to keep file content stable
2021-03-09 TigerfellMerge branch 'patch-2' of https://github.com/Tigerfell...
next