mirror of
https://gitlab.com/shorewall/code.git
synced 2025-06-21 18:21:27 +02:00
Add log limiting to 'logdrop' chain and optimize code that deletes temporary rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@486 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
ac33af2d3f
commit
4a173940b2
@ -28,7 +28,7 @@
|
|||||||
# shown below. Simply run this script to revert to your prior version of
|
# shown below. Simply run this script to revert to your prior version of
|
||||||
# Shoreline Firewall.
|
# Shoreline Firewall.
|
||||||
|
|
||||||
VERSION=1.4.0-RC1
|
VERSION=1.4.0-RC2
|
||||||
|
|
||||||
usage() # $1 = exit status
|
usage() # $1 = exit status
|
||||||
{
|
{
|
||||||
|
@ -3265,9 +3265,9 @@ add_common_rules() {
|
|||||||
logdisp() # $1 = Chain Name
|
logdisp() # $1 = Chain Name
|
||||||
{
|
{
|
||||||
if [ "$RFC1918_LOG_LEVEL" = ULOG ]; then
|
if [ "$RFC1918_LOG_LEVEL" = ULOG ]; then
|
||||||
echo "ULOG --ulog-prefix Shorewall:${1}:DROP:"
|
echo "ULOG $LOGPARMS --ulog-prefix Shorewall:${1}:DROP:"
|
||||||
else
|
else
|
||||||
echo "LOG --log-prefix Shorewall:${1}:DROP: --log-level $RFC1918_LOG_LEVEL"
|
echo "LOG $LOGPARMS --log-prefix Shorewall:${1}:DROP: --log-level $RFC1918_LOG_LEVEL"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
#
|
#
|
||||||
@ -3715,13 +3715,10 @@ activate_rules()
|
|||||||
complete_standard_chain OUTPUT $FW all
|
complete_standard_chain OUTPUT $FW all
|
||||||
complete_standard_chain FORWARD all all
|
complete_standard_chain FORWARD all all
|
||||||
|
|
||||||
run_iptables -D INPUT -m state --state ESTABLISHED -j ACCEPT
|
for chain in INPUT OUTPUT FORWARD; do
|
||||||
run_iptables -D OUTPUT -m state --state ESTABLISHED -j ACCEPT
|
run_iptables -D $chain -m state --state ESTABLISHED -j ACCEPT
|
||||||
run_iptables -D FORWARD -m state --state ESTABLISHED -j ACCEPT
|
run_iptables -D $chain -p udp --dport 53 -j ACCEPT
|
||||||
|
done
|
||||||
run_iptables -D INPUT -p udp --dport 53 -j ACCEPT
|
|
||||||
run_iptables -D OUTPUT -p udp --dport 53 -j ACCEPT
|
|
||||||
run_iptables -D FORWARD -p udp --dport 53 -j ACCEPT
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
|
@ -54,7 +54,7 @@
|
|||||||
# /etc/rc.d/rc.local file is modified to start the firewall.
|
# /etc/rc.d/rc.local file is modified to start the firewall.
|
||||||
#
|
#
|
||||||
|
|
||||||
VERSION=1.4.0-RC1
|
VERSION=1.4.0-RC2
|
||||||
|
|
||||||
usage() # $1 = exit status
|
usage() # $1 = exit status
|
||||||
{
|
{
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
%define name shorewall
|
%define name shorewall
|
||||||
%define version 1.4.0
|
%define version 1.4.0
|
||||||
%define release 0RC1
|
%define release 0RC2
|
||||||
%define prefix /usr
|
%define prefix /usr
|
||||||
|
|
||||||
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
|
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
|
||||||
@ -105,6 +105,8 @@ fi
|
|||||||
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
|
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Mar 07 2003 Tom Eastep <tom@shorewall.net>
|
||||||
|
- Changed version to 1.4.0-0RC2
|
||||||
* Wed Mar 05 2003 Tom Eastep <tom@shorewall.net>
|
* Wed Mar 05 2003 Tom Eastep <tom@shorewall.net>
|
||||||
- Changed version to 1.4.0-0RC1
|
- Changed version to 1.4.0-0RC1
|
||||||
* Mon Feb 24 2003 Tom Eastep <tom@shorewall.net>
|
* Mon Feb 24 2003 Tom Eastep <tom@shorewall.net>
|
||||||
|
@ -26,7 +26,7 @@
|
|||||||
# You may only use this script to uninstall the version
|
# You may only use this script to uninstall the version
|
||||||
# shown below. Simply run this script to remove Seattle Firewall
|
# shown below. Simply run this script to remove Seattle Firewall
|
||||||
|
|
||||||
VERSION=1.4.0-RC1
|
VERSION=1.4.0-RC2
|
||||||
|
|
||||||
usage() # $1 = exit status
|
usage() # $1 = exit status
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user