Commit message (Collapse) | Author | Age | Files | |
---|---|---|---|---|
* | Convert firewall to nftables. | Guilhem Moulin | 2020-01-23 | 1 |
| | | | | Debian Buster uses the nftables framework by default. | |||
* | Reformulate the headers showing the license. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | To be clearer, and to follow the recommendation of the FSF, we include a full header rather than a single sentence. | |||
* | Use a dedicated, non-routable, IPv4 for IPSec. | Guilhem Moulin | 2015-06-07 | 1 |
At the each IPSec end-point the traffic is DNAT'ed to / MASQUERADE'd from our dedicated IP after ESP decapsulation. Also, some IP tables ensure that alien (not coming from / going to the tunnel end-point) is dropped. |