summaryrefslogtreecommitdiffstats
path: root/roles/common/files/etc/network/if-post-down.d/iptables
Commit message (Collapse)AuthorAgeFiles
* Convert firewall to nftables.Guilhem Moulin2020-01-231
| | | | Debian Buster uses the nftables framework by default.
* Reformulate the headers showing the license.Guilhem Moulin2015-06-071
| | | | | To be clearer, and to follow the recommendation of the FSF, we include a full header rather than a single sentence.
* Use a dedicated, non-routable, IPv4 for IPSec.Guilhem Moulin2015-06-071
At the each IPSec end-point the traffic is DNAT'ed to / MASQUERADE'd from our dedicated IP after ESP decapsulation. Also, some IP tables ensure that alien (not coming from / going to the tunnel end-point) is dropped.