pf::iptables - module for iptables rules management.
pf::iptables contains the functions necessary to manipulate the iptables rules used when using PacketFence in ARP or DHCP mode.
pf.conf configuration file and iptables template iptables.conf.
TODO: This list is incomplete
Constructor
Creating proper source interface matches to jump to the right chains for proper enforcement method.
Handling both FILTER and NAT tables at the same time.
Creating the proper firewall rules to allow Google/Facebook OAuth2 and passthrough domain
Creating proper source interface matches to jump to the right chains for inline enforcement method.
This sub lives under the guarantee that there is a change, that if old_mark == new_mark it won't be called
These were features of the previous arp | dhcp modes that were not re-implemented for the reintroduction of the inline mode because of time constraints.
Update session when the ip address change
Return the list of network interface to enable SNAT.
Return the list of network interface to enable SNAT for passthrough.
Creating porper source interface matches to jump to the right chains for vlan enforcement method.
Inverse inc. <info@inverse.ca>
Minor parts of this file may have been contributed. See CREDITS.
Copyright (C) 2005-2015 Inverse inc.
Copyright (C) 2005 Kevin Amorin
Copyright (C) 2005 David LaPorte
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.