extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-25 12:13:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '4.5.12'

Browse Source
This commit is contained in:
Tom Eastep 2013-01-12 07:08:54 -08:00
commit 23a188f765
13 changed files with 42 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/Perl/Shorewall/Accounting.pm
View File

@ -3,7 +3,7 @@
# #
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
# #
# (c) 2007,2008,2009,2010,2011 - Tom Eastep (teastep@shorewall.net) # (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
# #
# Complete documentation is available at http://shorewall.net # Complete documentation is available at http://shorewall.net
# #

19
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -3,7 +3,7 @@
# #
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
# #
# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) # (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
# #
# Complete documentation is available at http://shorewall.net # Complete documentation is available at http://shorewall.net
# #
@ -1419,9 +1419,20 @@ sub delete_chain_and_references( $ ) {
# We're going to delete this chain but first, we must delete all references to it. # We're going to delete this chain but first, we must delete all references to it.
# #
my $tableref = $chain_table{$chainref->{table}}; my $tableref = $chain_table{$chainref->{table}};
my $name1 = $chainref->{name}; my $name = $chainref->{name};
for ( @{$chainref->{rules}} ) {
decrement_reference_count( $tableref->{$_->{target}}, $name1 ) if $_->{target}; while ( my ( $chain, $references ) = each %{$chainref->{references}} ) {
#
# Delete all rules from $chain that have $name as their target
#
my $chain1ref = $tableref->{$chain};
$chain1ref->{rules} = [ grep ( ( $_->{target} || '' ) ne $name, @{$chain1ref->{rules}} ) ];
}
#
# Now decrement the reference count of all targets of this chain's rules
#
for ( grep $_, ( map( $_->{target}, @{$chainref->{rules}} ) ) ) {
decrement_reference_count( $tableref->{$_}, $name );
} }
delete_chain $chainref; delete_chain $chainref;

2
Shorewall/Perl/Shorewall/Compiler.pm
View File

@ -4,7 +4,7 @@
# #
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
# #
# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) # (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
# #
# Complete documentation is available at http://shorewall.net # Complete documentation is available at http://shorewall.net
# #

6
Shorewall/Perl/Shorewall/Config.pm
View File

@ -3,7 +3,7 @@
# #
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
# #
# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) # (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
# #
# Complete documentation is available at http://shorewall.net # Complete documentation is available at http://shorewall.net
# #
@ -1128,8 +1128,8 @@ sub cleanup() {
for ( my $i = @openstack - 1; $i >= 0; $i-- ) { for ( my $i = @openstack - 1; $i >= 0; $i-- ) {
my $istack = $openstack[$i]; my $istack = $openstack[$i];
for ( my $j = ( @$istack - 1 ); $j >= 0; $j-- ) { for ( my $j = ( @$istack - 1 ); $j >= 0; $j-- ) {
my $info = $istack->[$j]; my $info = $istack->[$j][0];
close $info->[0]; close $info if $info;
} }
} }
} }

2
Shorewall/Perl/Shorewall/Misc.pm
View File

@ -3,7 +3,7 @@
# #
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
# #
# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) # (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
# #
# Complete documentation is available at http://shorewall.net # Complete documentation is available at http://shorewall.net
# #

2
Shorewall/Perl/Shorewall/Nat.pm
View File

@ -3,7 +3,7 @@
# #
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
# #
# (c) 2007,2008,2009,2010,2011 - Tom Eastep (teastep@shorewall.net) # (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
# #
# Complete documentation is available at http://shorewall.net # Complete documentation is available at http://shorewall.net
# #

2
Shorewall/Perl/Shorewall/Raw.pm
View File

@ -3,7 +3,7 @@
# #
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
# #
# (c) 2009,2010,2011 - Tom Eastep (teastep@shorewall.net) # (c) 2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
# #
# Complete documentation is available at http://shorewall.net # Complete documentation is available at http://shorewall.net
# #

4
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -3,7 +3,7 @@
# #
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
# #
# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) # (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
# #
# Complete documentation is available at http://shorewall.net # Complete documentation is available at http://shorewall.net
# #
@ -2385,7 +2385,7 @@ sub process_rule1 ( $$$$$$$$$$$$$$$$$$ ) {
} }
fatal_error "$basictarget rules are not allowed in the $section SECTION" if $actiontype & ( NATRULE | NONAT ); fatal_error "$basictarget rules are not allowed in the $section SECTION" if $actiontype & ( NATRULE | NONAT );
$rule .= "$globals{STATEMATCH} ESTABLISHED" if $section == ESTABLISHED_SECTION; $rule .= "$globals{STATEMATCH} ESTABLISHED " if $section == ESTABLISHED_SECTION;
} }
# #
# Generate CT rules(s), if any # Generate CT rules(s), if any

2
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -3,7 +3,7 @@
# #
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
# #
# (c) 2007,2008,2009,2010,2011 - Tom Eastep (teastep@shorewall.net) # (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
# #
# Traffic Control is from tc4shorewall Version 0.5 # Traffic Control is from tc4shorewall Version 0.5
# (c) 2005 Arne Bernin <arne@ucbering.de> # (c) 2005 Arne Bernin <arne@ucbering.de>

2
Shorewall/Perl/lib.core
View File

@ -1324,4 +1324,4 @@ clear_firewall() {
logger -p kern.info "$g_product Cleared" logger -p kern.info "$g_product Cleared"
} }
?endif ?endif # IPv6-specific functions.

2
docs/configuration_file_basics.xml
View File

@ -18,7 +18,7 @@
<pubdate><?dbtimestamp format="Y/m/d"?></pubdate> <pubdate><?dbtimestamp format="Y/m/d"?></pubdate>
<copyright> <copyright>
<year>2001-2012</year> <year>2001-2013</year>
<holder>Thomas M. Eastep</holder> <holder>Thomas M. Eastep</holder>
</copyright> </copyright>

20
docs/traffic_shaping.xml
View File

@ -24,7 +24,7 @@
<pubdate><?dbtimestamp format="Y/m/d"?></pubdate> <pubdate><?dbtimestamp format="Y/m/d"?></pubdate>
<copyright> <copyright>
<year>2001-2009</year> <year>2001-2013</year>
<holder>Thomas M. Eastep</holder> <holder>Thomas M. Eastep</holder>
</copyright> </copyright>
@ -223,10 +223,10 @@
<para>This screen shot shows how I configured QoS in a 2.6.16 <para>This screen shot shows how I configured QoS in a 2.6.16
Kernel:</para> Kernel:</para>
<graphic align="center" fileref="images/traffic_shaping2.6.png"/> <graphic align="center" fileref="images/traffic_shaping2.6.png" />
<para>And here's my recommendation for a 2.6.21 kernel:<graphic <para>And here's my recommendation for a 2.6.21 kernel:<graphic
align="center" fileref="images/traffic_shaping2.6.21.png"/></para> align="center" fileref="images/traffic_shaping2.6.21.png" /></para>
</section> </section>
<section id="Shorewall"> <section id="Shorewall">
@ -497,7 +497,7 @@
</itemizedlist> </itemizedlist>
<example id="Example0"> <example id="Example0">
<title/> <title></title>
<para>Suppose you are using PPP over Ethernet (DSL) and ppp0 is the <para>Suppose you are using PPP over Ethernet (DSL) and ppp0 is the
interface for this. The device has an outgoing bandwidth of 500kbit interface for this. The device has an outgoing bandwidth of 500kbit
@ -1254,7 +1254,7 @@ ppp0 6000kbit 500kbit</programlisting>
</itemizedlist> </itemizedlist>
<example id="Example1"> <example id="Example1">
<title/> <title></title>
<para>All packets arriving on eth1 should be marked with 1. All <para>All packets arriving on eth1 should be marked with 1. All
packets arriving on eth2 and eth3 should be marked with 2. All packets packets arriving on eth2 and eth3 should be marked with 2. All packets
@ -1268,7 +1268,7 @@ ppp0 6000kbit 500kbit</programlisting>
</example> </example>
<example id="Example2"> <example id="Example2">
<title/> <title></title>
<para>All GRE (protocol 47) packets destined for 155.186.235.151 <para>All GRE (protocol 47) packets destined for 155.186.235.151
should be marked with 12.</para> should be marked with 12.</para>
@ -1278,7 +1278,7 @@ ppp0 6000kbit 500kbit</programlisting>
</example> </example>
<example id="Example3"> <example id="Example3">
<title/> <title></title>
<para>All SSH request packets originating in 192.168.1.0/24 and <para>All SSH request packets originating in 192.168.1.0/24 and
destined for 155.186.235.151 should be marked with 22.</para> destined for 155.186.235.151 should be marked with 22.</para>
@ -1288,7 +1288,7 @@ ppp0 6000kbit 500kbit</programlisting>
</example> </example>
<example id="Example4"> <example id="Example4">
<title/> <title></title>
<para>All SSH packets packets going out of the first device in in <para>All SSH packets packets going out of the first device in in
/etc/shorewall/tcdevices should be assigned to the class with mark /etc/shorewall/tcdevices should be assigned to the class with mark
@ -1301,7 +1301,7 @@ ppp0 6000kbit 500kbit</programlisting>
</example> </example>
<example id="Example5"> <example id="Example5">
<title/> <title></title>
<para>Mark all ICMP echo traffic with packet mark 1. Mark all peer to <para>Mark all ICMP echo traffic with packet mark 1. Mark all peer to
peer traffic with packet mark 4.</para> peer traffic with packet mark 4.</para>
@ -1334,7 +1334,7 @@ SAVE 0.0.0.0/0 0.0.0.0/0 all - - -
</example> </example>
<example> <example>
<title/> <title></title>
<para>Mark all forwarded VOIP connections with connection mark 1 and <para>Mark all forwarded VOIP connections with connection mark 1 and
ensure that all VOIP packets also receive that mark (assumes that ensure that all VOIP packets also receive that mark (assumes that

6
docs/upgrade_issues.xml
View File

@ -33,9 +33,11 @@
<year>2012</year> <year>2012</year>
<year>2013</year>
<holder>Thomas M. Eastep</holder> <holder>Thomas M. Eastep</holder>
<holder/> <holder></holder>
</copyright> </copyright>
<legalnotice> <legalnotice>
@ -163,7 +165,7 @@
<para>?ENDIF.</para> <para>?ENDIF.</para>
</blockquote> </blockquote>
<para/> <para></para>
</listitem> </listitem>
<listitem> <listitem>