extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-21 10:18:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add log limiting to 'logdrop' chain and optimize code that deletes temporary rules

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@486 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2003-03-08 15:48:07 +00:00
parent ac33af2d3f
commit 4a173940b2
5 changed files with 12 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/fallback.sh
View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of # shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall. # Shoreline Firewall.
VERSION=1.4.0-RC1 VERSION=1.4.0-RC2
usage() # $1 = exit status usage() # $1 = exit status
{ {

15
Shorewall/firewall
View File

@ -3265,9 +3265,9 @@ add_common_rules() {
logdisp() # $1 = Chain Name logdisp() # $1 = Chain Name
{ {
if [ "$RFC1918_LOG_LEVEL" = ULOG ]; then if [ "$RFC1918_LOG_LEVEL" = ULOG ]; then
echo "ULOG --ulog-prefix Shorewall:${1}:DROP:" echo "ULOG $LOGPARMS --ulog-prefix Shorewall:${1}:DROP:"
else else
echo "LOG --log-prefix Shorewall:${1}:DROP: --log-level $RFC1918_LOG_LEVEL" echo "LOG $LOGPARMS --log-prefix Shorewall:${1}:DROP: --log-level $RFC1918_LOG_LEVEL"
fi fi
} }
# #
@ -3715,13 +3715,10 @@ activate_rules()
complete_standard_chain OUTPUT $FW all complete_standard_chain OUTPUT $FW all
complete_standard_chain FORWARD all all complete_standard_chain FORWARD all all
run_iptables -D INPUT -m state --state ESTABLISHED -j ACCEPT for chain in INPUT OUTPUT FORWARD; do
run_iptables -D OUTPUT -m state --state ESTABLISHED -j ACCEPT run_iptables -D $chain -m state --state ESTABLISHED -j ACCEPT
run_iptables -D FORWARD -m state --state ESTABLISHED -j ACCEPT run_iptables -D $chain -p udp --dport 53 -j ACCEPT
done
run_iptables -D INPUT -p udp --dport 53 -j ACCEPT
run_iptables -D OUTPUT -p udp --dport 53 -j ACCEPT
run_iptables -D FORWARD -p udp --dport 53 -j ACCEPT
} }
# #

2
Shorewall/install.sh
View File

@ -54,7 +54,7 @@
# /etc/rc.d/rc.local file is modified to start the firewall. # /etc/rc.d/rc.local file is modified to start the firewall.
# #
VERSION=1.4.0-RC1 VERSION=1.4.0-RC2
usage() # $1 = exit status usage() # $1 = exit status
{ {

4
Shorewall/shorewall.spec
View File

@ -1,6 +1,6 @@
%define name shorewall %define name shorewall
%define version 1.4.0 %define version 1.4.0
%define release 0RC1 %define release 0RC2
%define prefix /usr %define prefix /usr
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
@ -105,6 +105,8 @@ fi
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
%changelog %changelog
* Fri Mar 07 2003 Tom Eastep <tom@shorewall.net>
- Changed version to 1.4.0-0RC2
* Wed Mar 05 2003 Tom Eastep <tom@shorewall.net> * Wed Mar 05 2003 Tom Eastep <tom@shorewall.net>
- Changed version to 1.4.0-0RC1 - Changed version to 1.4.0-0RC1
* Mon Feb 24 2003 Tom Eastep <tom@shorewall.net> * Mon Feb 24 2003 Tom Eastep <tom@shorewall.net>

2
Shorewall/uninstall.sh
View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Seattle Firewall # shown below. Simply run this script to remove Seattle Firewall
VERSION=1.4.0-RC1 VERSION=1.4.0-RC2
usage() # $1 = exit status usage() # $1 = exit status
{ {