Commit Graph

452 Commits

Author SHA1 Message Date
Tom Eastep
3f68814a38
Disallow more than one address[-range] in SNAT rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-31 15:15:35 -07:00
Tom Eastep
46c8147521
Deprecate INLINE_MATCHES=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-27 13:55:11 -07:00
Tom Eastep
0e7d5f3972
Support '+' in SNAT action invocation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-18 16:00:36 -07:00
Tom Eastep
5b5f91f75f
SNAT option documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-18 15:32:22 -07:00
Tom Eastep
f3dd77a3f1
Merge branch '5.0.13' 2016-10-16 16:36:08 -07:00
Tom Eastep
2c191bf595
Correct .conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-16 15:07:34 -07:00
Tom Eastep
86c4333f8f
Correct the shorewall-snat(5) examples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-15 14:58:49 -07:00
Tom Eastep
43fdddb438
Add 'snat' config file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-15 11:38:52 -07:00
Tom Eastep
49fae96b09
Update the manpages for 'blacklist' verbosity
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-10 19:45:42 -07:00
Tom Eastep
b5e7e41708
Correct NFQUEUE! manpage description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-07 05:50:24 -07:00
Tom Eastep
14e8568d9e
Add the FIREWALL .conf option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 15:03:54 -07:00
Tom Eastep
ca7ca4bdfe
Add a 'timeout' option to DYNAMIC_BLACKLIST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 12:56:47 -07:00
Tom Eastep
8d731c81e4
Add 'disconnect' option to ipset-based dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-04 09:09:45 -07:00
Tom Eastep
6ad7d47eb6
Correct DYNAMIC_BLACKLISTING documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-03 08:19:19 -07:00
Tom Eastep
97186e5402
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2016-10-02 14:04:02 -07:00
Roberto C. Sánchez
64ab43f14f
Fix typos 2016-10-02 17:01:46 -04:00
Tom Eastep
f989c2f5f6
Document 'persistent'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-30 11:34:57 -07:00
Tom Eastep
792b3b696c
Add ZERO_MARKS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-26 16:04:26 -07:00
Tom Eastep
3f8ddb11ab
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2016-09-25 08:00:43 -07:00
Tom Eastep
ef4b1c2030
Add a TIME Columns section to the config file basics doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-22 15:45:18 -07:00
Tom Eastep
8065e62f12
Support for the 'contiguous' option in TIME columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-22 14:22:11 -07:00
Tom Eastep
e81a4788c6
Implement DEFAULT_PAGER in shorewallrc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-21 10:20:48 -07:00
Tom Eastep
d854185c56
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2016-09-20 08:47:07 -07:00
Tom Eastep
8bb7c2363b
Support '+' after a zone list in the policy files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-10 10:06:38 -07:00
Tom Eastep
7e32a10176
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2016-09-10 08:48:48 -07:00
Tom Eastep
2c90a8bfb5
Allow zone lists in the SOURCE and DEST columns of the policy files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-10 08:47:48 -07:00
Tom Eastep
5ea91f21f4
Correct the mangle manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-05 19:20:25 -07:00
Tom Eastep
a05b957498
Corrections in the shorewall[6].conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-08-15 10:24:23 -07:00
Tom Eastep
0b9cd93769
Default DSCP rules to the POSTROUTING chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-07-27 13:59:15 -07:00
Tom Eastep
4a6338d857
Correct/complete Scott Sumate's LOGFILE enhancement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-07-15 14:25:02 -07:00
Tom Eastep
e71fb3249a
Add 'dbl' interface option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-06-15 16:35:41 -07:00
Tom Eastep
4869f61a25
'allow' now works with ipset-based dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-06-09 08:44:25 -07:00
Tom Eastep
590243a787 Add NFLOG as a supported mangle action
- Also document nflog-parameters
- Correct range of nflog groups

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-05-03 11:27:34 -07:00
Tom Eastep
b7de785396 Correct typo in manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-30 08:34:43 -07:00
Tom Eastep
24d40f4cc2 Add VERBOSE_MESSAGES option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-30 08:00:56 -07:00
Tom Eastep
71bd7a4647 Update the STARTUP_LOG description in shorewall[6].conf
- Update list of commands

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-19 07:49:37 -07:00
Tom Eastep
2b7ef0fe32 Update the tcclasses manpage to discuss fw mark filter priority
- Also correct default priorities for tos= and tcp-ack

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-18 09:18:48 -07:00
Tom Eastep
32f888a7d4 Add an ENVIRONMENT section to the CLI manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-15 15:41:55 -07:00
Tom Eastep
dbd42e1d5d More ipset fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-12 16:29:13 -07:00
Tom Eastep
deaaecdf1c Add 'nodbl' interface option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 16:09:39 -07:00
Tom Eastep
05e4049174 Ipset-based blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 16:07:56 -07:00
Tom Eastep
ef10515a42 Correct FASTACCEPT description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 07:20:45 -07:00
Tom Eastep
be58d530c4 Document 'logjump'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-08 09:09:59 -07:00
Tom Eastep
e9467326f3 Allow allow REJECT to take a parameter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-05 11:20:44 -07:00
Tom Eastep
3cbfdadb32 Merge branch '5.0.7' 2016-04-01 09:46:53 -07:00
Tom Eastep
81d76e3817 Document + in the MODULESDIR setting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-01 09:43:06 -07:00
Tom Eastep
df1b1f6768 Add MINIUPNPD option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-01 08:57:08 -07:00
Roberto C. Sánchez
899a317c95 Fix typos 2016-03-26 22:25:30 -04:00
Tom Eastep
273c89a753 Implement MARK and CONNMARK in the rules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-18 11:42:58 -07:00
Tom Eastep
eed7692952 Document the state action option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-14 15:15:32 -07:00