issues
search
metal-stack
/
firewall-controller
A kubernetes controller running on bare-metal firewalls, creating nftables rules, configures suricata, collects network metrics
MIT License
47
stars
4
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Remove ipv4 only address to cidr calculations
#189
majst01
closed
3 days ago
0
Update go, dependencies and fix linter warnings
#188
majst01
closed
1 month ago
0
Handle A and AAAA records TTL properly in dnscache
#187
mreiger
opened
1 month ago
0
DNS-based CWNPs not reliable on hostnames with constantly changing IPs
#186
mreiger
opened
1 month ago
1
Update deps, fix typos
#185
majst01
closed
2 months ago
0
Use headless service for nftables-exporter and node-exporter
#184
robertvolkmann
opened
2 months ago
0
Detect client bufsize and truncate/compress the reply accordingly
#183
mreiger
closed
2 months ago
1
randomize snat source ports for static egress IPs
#182
mwennrich
closed
4 months ago
0
build with metal-networker@v0.43.1
#181
mwennrich
closed
5 months ago
0
source port reuse in egress masquerading
#180
mwennrich
closed
5 months ago
0
Move all DNS proxy related rules into single nftables table.
#179
Gerrit91
opened
6 months ago
0
Update dependencies including controller-runtime.
#178
Gerrit91
closed
6 months ago
0
Fix DNS based CWNPs for network-isolated Clusters
#177
vknabel
closed
6 months ago
0
Update most go dependencies
#176
majst01
closed
7 months ago
0
Migrate to slog
#175
majst01
closed
9 months ago
0
Properly refresh fqdn_state of DNS-based CWNPs
#174
mreiger
closed
9 months ago
1
Stale state in DNS-based CWNPs
#173
mreiger
closed
9 months ago
0
First draft of forbidden mode for isolated clusters
#172
majst01
closed
8 months ago
2
Set last seed updated in controllerstatus
#171
majst01
closed
12 months ago
1
Cleanup code from controller migration.
#170
Gerrit91
closed
12 months ago
0
Fix module version
#169
majst01
closed
1 year ago
0
Reconcile firewall at least every three minutes.
#168
Gerrit91
closed
1 year ago
0
After firewall-update, nftables/node_exporter endpoints point to wrong ip address
#167
mwennrich
closed
1 year ago
0
Implement webhook server.
#166
Gerrit91
opened
1 year ago
0
set conntrack max and hashsize on startup
#165
majst01
closed
1 year ago
0
Update to go-1.21
#164
majst01
closed
1 year ago
0
package drops despite egress rule
#163
JoergReinhold
closed
1 year ago
5
Retry update on firewall-monitor resource.
#162
Gerrit91
closed
1 year ago
0
tcpmss clamping in egress policies
#161
chbmuc
opened
1 year ago
0
Support MSS Clamping definition through CWNP
#160
majst01
opened
1 year ago
0
Remove dependency from GEPM.
#159
Gerrit91
closed
1 year ago
0
Add a flowtable to speed up forwarding
#158
majst01
opened
1 year ago
0
accelerate forwarding by using nftables flowtables.
#157
majst01
closed
1 year ago
1
Implement shoot migration.
#156
Gerrit91
opened
1 year ago
0
Implement SSH key rotation.
#155
Gerrit91
closed
1 year ago
0
Implement SSH Key Rotation
#154
Gerrit91
closed
1 year ago
0
Consider dns ebpf based snooping
#153
majst01
opened
1 year ago
0
use secrets generated by secretsmanager
#152
mwennrich
closed
1 year ago
0
default to any for empty fields is not working anymore
#151
mwennrich
opened
1 year ago
0
Make CWNP Validation more strict
#150
majst01
opened
1 year ago
1
Fix updater causing restarts.
#149
Gerrit91
closed
1 year ago
0
Fix reconciliation triggers.
#148
Gerrit91
closed
1 year ago
0
auto-restart of firewall-controller every 5 minutes
#147
mwennrich
closed
1 year ago
0
dns-based cwnp only in effect if changed after creation
#146
mwennrich
closed
1 year ago
1
Pattern matching behavior changed / is partially broken
#145
Gerrit91
closed
1 year ago
3
Replace multierr
#144
majst01
closed
1 year ago
0
Consider configured ips from install.yaml as always required
#143
majst01
closed
1 year ago
0
Do not ignore error when reading link by name.
#142
Gerrit91
closed
1 year ago
0
Update nftables exporter
#141
majst01
closed
1 year ago
0
Bump golang.org/x/net from 0.2.0 to 0.7.0
#140
dependabot[bot]
closed
1 year ago
1
Next