shorewall_code

mirror of https://gitlab.com/shorewall/code.git synced 2024-11-24 16:43:21 +01:00

Author	SHA1	Message	Date
Tom Eastep	4e83d0788e	Rename valuesort() to sortchainsiftest() and remove keysort() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-04-11 13:42:41 -07:00
Tom Eastep	a49a9f9f9d	Sort specific hash keys and values if -t Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-04-07 11:12:16 -07:00
Tom Eastep	6dc99e77ae	Revert "Sort specific hash keys and values if -e" This reverts commit `5e648a9379`.	2020-04-07 11:09:27 -07:00
Tom Eastep	92b25d88b0	Revert "Add conditional sorts to find[_zone]_hosts_by_option()" This reverts commit `42a505c99d`.	2020-04-07 11:08:46 -07:00
Tom Eastep	42a505c99d	Add conditional sorts to find[_zone]_hosts_by_option() - Another case of different behavior by different Perl versions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-04-06 13:48:45 -07:00
Tom Eastep	5e648a9379	Sort specific hash keys and values if -e - Makes testing output consistent across Perl versions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-04-06 10:57:35 -07:00
Tom Eastep	e49f31fb42	Don't compute sha1 hash when testing Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-04-02 10:11:21 -07:00
Tom Eastep	3f0e4959a1	Revert "When exporting or testing, set all variables defined in the params file" This reverts commit `f9003fab43`.	2020-04-01 12:55:41 -07:00
Tom Eastep	112c4dc38a	Revert "Temporarily disable fix for exported variables" This reverts commit `137cc48779`.	2020-04-01 12:55:14 -07:00
Tom Eastep	137cc48779	Temporarily disable fix for exported variables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-31 16:43:30 -07:00
Tom Eastep	f9003fab43	When exporting or testing, set all variables defined in the params file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-31 15:55:09 -07:00
Tom Eastep	78da975989	Fix a couple of issues with product name - Use $Product rather that addressfamily-dependent logic - Revert unneeded change from 5.2.3.7 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-28 14:24:32 -07:00
Tuomo Soini	be924ff765	Fix http links to point to current project website Also removes deprecated Shorewall6/configfiles/masq Signed-off-by: Tuomo Soini <tis@foobar.fi> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-27 14:24:37 -07:00
Tom Eastep	e82307f61e	Add empty target files 5.2.4-Beta1 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-10 11:03:02 -07:00
Tom Eastep	2604378646	Add 'help' to the generated script's help text Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-08 13:20:27 -07:00
Tom Eastep	b52a330f41	Replace trace, debug and nolock with options Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-07 17:48:10 -08:00
Tom Eastep	d3de75dd12	Add DOCKER_BRIDGE option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-07 11:34:23 -08:00
Tom Eastep	639dc86e1b	Merge branch 'master' into 5.2.4 # Conflicts: # Shorewall/Perl/Shorewall/Config.pm Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-06 13:07:00 -08:00
Tom Eastep	fa1aa4b481	Merge branch '5.2.3' # Conflicts: # docs/Introduction.xml	2020-03-06 13:04:18 -08:00
Tom Eastep	95d3486788	Add empty target files 5.2.3.7 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-06 09:19:25 -08:00
Tom Eastep	9f3534dc1f	Correct Docker-related typos in Compiler.pm Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-04 14:55:52 -08:00
Tom Eastep	f63f0bb2f1	Correct DOCKER code Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-03 14:38:36 -08:00
Tom Eastep	646f01a3a4	Eliminate spurious 'Resetting...' message from the compiler Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-02 11:05:21 -08:00
Tom Eastep	65e101f306	Refine handling of MANGLE_ENABLED=No Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-02 08:21:34 -08:00
Tom Eastep	000f120c61	Improve checking when MANGLE_ENABLED=No in shorewall[6].conf - Fatal error when a feature is used that requires the mangle table Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-01 15:38:28 -08:00
Tom Eastep	f221ca290f	Improve checking when MANGLE_ENABLED=No in shorewall[6].conf - Fatal error when a feature is used that requires the mangle table Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-01 15:07:17 -08:00
Tom Eastep	8b99f8caac	Merge branch 'master' into 5.2.4 # Conflicts: # docs/SharedConfig.xml Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-01 13:50:05 -08:00
Tom Eastep	8b2c79e5ce	Merge branch '5.2.3' into 5.2.4 # Conflicts: # docs/Introduction.xml Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-03-01 13:48:45 -08:00
Tom Eastep	dcde2bfa4a	Correct logic that decides if a reload is necessary during enable Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-02-26 15:22:17 -08:00
Tom Eastep	387b861759	Correct handling of ORIGDEST with OLD_CONNTRACK_MATCH - Also correct detection of OLD_CONNTRACK_MATCH in shorewall6 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-02-25 13:08:58 -08:00
Tom Eastep	6798c2f2b0	Accomodate both DOCKER-ISOLATION and DOCKER-ISOLATION-STAGE-* Previously, the code assumed that either DOCKER-ISOLATION or DOCKER-ISOLATION-STAGE-* would exist but not both. That has been corrected	2020-02-24 15:35:50 -08:00
Tom Eastep	e8f49bc9c7	Merge branch '5.2.3'	2020-02-18 11:11:53 -08:00
Tom Eastep	31b558b7f9	Filter out LIBVIRT rules when saving Docker Rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-02-16 10:36:16 -08:00
Tom Eastep	367a5f7d97	Filter out LIBVIRT rules when saving Docker Rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-02-16 10:33:18 -08:00
Tom Eastep	4efac2fda1	Handle essential IPv6-ICMP types when firewall is stopped Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-02-06 15:21:51 -08:00
Tom Eastep	5f50b70618	Merge branch '5.2.3' into 5.2.4 # Conflicts: # docs/SharedConfig.xml Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-02-06 14:08:33 -08:00
Tom Eastep	b437f609e5	Merge branch '5.2.3'	2020-02-01 11:01:59 -08:00
Tom Eastep	f05bd969af	Revert "Add targetname files" This reverts commit `c9eb443574`.	2020-02-01 09:46:05 -08:00
Tom Eastep	7aaa04149e	Merge branch '5.2.3' # Conflicts: # Shorewall/manpages/shorewall-files.xml # docs/SharedConfig.xml	2020-02-01 09:45:33 -08:00
Tom Eastep	c9eb443574	Add targetname files Signed-off-by: Tom Eastep <teastep@shorewall.net>	2020-01-29 10:41:55 -08:00
Tom Eastep	08da235896	Correct IPv6 Address Range parsing Previously, such ranges were required to be of the form [<addr1>-<addr2>] rather than the more standard form [<addr1>]-[<addr2>]. In the snat file (and in nat actions), the latter form was actually flagged as an error while in other contexts, it resulted in a less obvious error being raised. With this change, both forms are accepted. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-12-23 10:02:48 -08:00
Tom Eastep	77cad81ba7	Clean up comments Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-12-23 09:59:29 -08:00
Tom Eastep	9213d7e707	Clean up Shorewall6[-lite] manpage links - there were many links pointing to /manpages6/shorewall6... that should have been updated to point to /manpages/shorewall... - this commit corrects those links Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-11-27 15:46:57 -08:00
Tom Eastep	157abcbd37	Allow NFQUEUE 'bypass' in the policy file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-10-21 14:41:02 -07:00
Tom Eastep	2b7a37e42a	Minor cleanup of the Chains module Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-10-16 11:44:02 -07:00
Tom Eastep	51b9589c48	Merge branch 'more-bitcoin-ports' of ssh://teastep@git.code.sf.net/u/talkless/shorewall	2019-09-10 08:10:53 -07:00
Vincas Dargis	762df5e18c	Add macros for Bitcoin's Testnet and Regtest Add additional macros for Bitcoin daemon running in Testnet and Regtest modes.	2019-09-07 16:36:42 +03:00
Tom Eastep	cb56991fee	Merge branch '5.2.3'	2019-09-03 07:45:57 -07:00
Tom Eastep	c4d5bb904b	Correct description of 'bypass' in shorewall-rules(5). Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-08-26 15:45:26 -07:00
Tom Eastep	40f6192e19	Make 'AUTOMAKE=No' the update default Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-08-25 14:20:54 -07:00
Tom Eastep	7051daeb08	Correct handle of multi-queue NFQUEUE when passed to a macro Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-08-25 14:18:54 -07:00
Tom Eastep	a9c42e1eaa	Correct NFQUEUE policy with per-CPU queues Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-08-25 14:18:06 -07:00
Tom Eastep	8b0cfdf779	Clarify SWITCH settings and reload Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-04-25 14:26:18 -07:00
Tom Eastep	c127cec76c	Merge branch '5.2.3'	2019-04-14 14:35:09 -07:00
Tom Eastep	6b21135ade	Correct handling of an ipset in the SPORT column Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-04-11 18:37:27 -07:00
Tom Eastep	2f66381a4a	Allow multiple protocols to be specified for a helper - the protocol list is specified in the %helpers hash as an array reference e.g., "[UDP,TCP]". Note that those are protocol numbers, not names. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-04-01 15:14:34 -07:00
Matt Darfeuille	53495ec0a8	Point exclusively to shorewall.org Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-03-25 11:35:00 -07:00
Tom Eastep	2f3f6ffa15	Revert "Make $update global in Config.pm" This reverts commit `b9d0821acb`.	2019-03-17 08:02:53 -07:00
Tom Eastep	60f2f3b0d0	Allow variable expansion when processing shorewallrc. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-03-14 20:38:10 -07:00
Tom Eastep	e626b77097	Correct policy zone exclusion handling Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-02-21 09:31:13 -08:00
Matt Darfeuille	d3fcb29f0d	Use proper function name for warning messages Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-02-07 10:44:46 -08:00
Tom Eastep	e548043e96	Remove modules files Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-02-06 14:17:10 -08:00
Tom Eastep	443a4223c2	Remove pre-2.6.20 helpers Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-02-06 14:11:48 -08:00
Tom Eastep	8f42a6a72b	Remove LOAD_HELPERS_ONLY Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-02-03 10:04:19 -08:00
Tom Eastep	0982fec513	Remove superfluous whitespace from Providers.pm Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-02-01 12:44:44 -08:00
Tom Eastep	f5262dd050	Correct typo in shorewall-providers(5) - RESTORE_DEFAULT_OPTION -> RESTORE_DEFAULT_GATEWAY	2019-02-01 12:44:00 -08:00
Tom Eastep	8dcfd86f3a	Document compiler globals Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-24 08:26:27 -08:00
Tom Eastep	edc9e25f25	Deprecate 'all[+]-' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-23 12:35:07 -08:00
Tom Eastep	ef11ae834d	Drop documentation for all- Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-22 15:53:33 -08:00
Tom Eastep	9f423412d8	Allow zone exclusion in the policy file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-22 12:35:23 -08:00
Tom Eastep	7f7fef3a4e	Disallow 'all' in a policy zone list Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-21 10:00:36 -08:00
Tom Eastep	b9d0821acb	Make $update global in Config.pm - Only save raw image if we are updating Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-20 11:06:40 -08:00
Tom Eastep	857539c8b1	Update lib.runtime copyright Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-16 13:09:42 -08:00
Tom Eastep	429070d107	Update Chains.pm and Compiler.pm copyrights Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-16 12:28:27 -08:00
Tom Eastep	89725c530f	Change limit of 'wait' option setting to 300 seconds (5 minutes) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-16 11:50:33 -08:00
Tom Eastep	8e5f67797a	Allow INLINE() in the accounting file to accept '+' in inline matches Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-14 14:52:18 -08:00
Tom Eastep	0eb0bace9a	Update more copyrights Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-09 11:57:41 -08:00
Tom Eastep	fab8cc055b	Remove unused local variable Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-08 14:25:09 -08:00
Tom Eastep	bef8ec09b3	Insist that '+' (if present) be the first non-blank character in IL matches Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-08 13:55:02 -08:00
Tom Eastep	cf330afbd9	Allow inline matches in the conntrack file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-08 13:09:00 -08:00
Tom Eastep	49731da807	Update copyright dates Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-04 10:14:27 -08:00
Tom Eastep	f3ecbc185c	Add Netmanager gateway detection Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-03 11:22:15 -08:00
Tom Eastep	a71a44346e	Document the provider table contents Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-02 15:27:38 -08:00
Tom Eastep	4d278f4c20	Clarify [no]hostroute in shorewall-providers(5). Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-02 15:08:38 -08:00
Tom Eastep	45ec24ea42	Add comments to the Zones module Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-30 14:10:28 -08:00
Tom Eastep	bf3880ae59	Add some comments to the Misc module Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-30 12:41:55 -08:00
Tom Eastep	9e838e6d04	Add Tuomo Soini's WUDO macro Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-19 14:57:38 -08:00
Tom Eastep	d096db6a94	Add/modify comments in Chains.pm Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-19 09:19:26 -08:00
Tom Eastep	636d82414f	Merge branch '5.2.1'	2018-12-16 10:34:34 -08:00
Tom Eastep	cb3273b13b	Revert "Allow leading 's' & 'd' to be omitted when specifying two rates" This reverts commit `23bc6f1ab5`.	2018-12-16 10:06:34 -08:00
Tom Eastep	f0c75b5119	Update RATE documentation in shorewall-rules(5) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-16 10:06:00 -08:00
Tom Eastep	23bc6f1ab5	Allow leading 's' & 'd' to be omitted when specifying two rates Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-16 09:47:45 -08:00
Roberto C. Sánchez	54e6412c49	Fix documentation typos	2018-12-15 15:34:45 -08:00
Tom Eastep	1465035aa4	Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code	2018-12-15 14:57:21 -08:00
Tom Eastep	8473bf2200	Clean up macros contributed by Vincas Dargis Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-15 10:31:57 -08:00
Tom Eastep	0fe45b8f46	Merge branch 'tor' of ssh://teastep@git.code.sf.net/u/talkless/shorewall	2018-12-15 10:25:22 -08:00
Tom Eastep	a4c87149c9	Merge branch 'oncrpc_macro' of ssh://teastep@git.code.sf.net/u/talkless/shorewall	2018-12-15 10:24:56 -08:00
Tom Eastep	83359b098d	Merge branch 'bitcoin' of ssh://teastep@git.code.sf.net/u/talkless/shorewall	2018-12-15 10:21:14 -08:00
Tom Eastep	3239fb3eb9	Merge branch '5.2.1'	2018-12-15 09:56:14 -08:00
Roberto C. Sánchez	096f59b5bc	Fix documentation typos	2018-12-15 11:02:07 -05:00
Vincas Dargis	9260be402b	Add Tor macros Add macros for various Tor Anonimity Network ports	2018-12-15 13:08:06 +02:00
Vincas Dargis	7bf7000941	Add Bitcoin macros Add macros for various Bitcoin daemon ports.	2018-12-15 12:35:52 +02:00
Vincas Dargis	840f8b904d	Add ONC RPC macro Add macro for handling ONC RPC calls, for rpcinbd on Linux.	2018-12-15 12:10:03 +02:00
Tom Eastep	61ac08dc7f	Correct handling of netmask when two rates are specified in the RATE col. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-14 14:16:26 -08:00
Tom Eastep	f65b10c375	Remove dead/silly code from Shorewall::Chains::use_input/output_chain() - combine the two into a single function use_interface_chain(). Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-14 13:54:36 -08:00
Tom Eastep	35c7f304f7	Correct log name for untracked chain Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-14 11:00:27 -08:00
Tom Eastep	467544801e	Clean up of Chains.pm Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-14 10:59:31 -08:00
Tom Eastep	7cfe9ec272	Correct log name for untracked chain Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-14 10:58:26 -08:00
Tom Eastep	6908a4bcf7	Issue warning when ULOG is used. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-14 09:00:42 -08:00
Tom Eastep	be2110b47e	Revert "Remove ULOG support" This reverts commit `061ce3d781`.	2018-12-14 08:54:07 -08:00
Tom Eastep	ad6401da8c	Cleanup of Config.pm Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-13 15:32:39 -08:00
Tom Eastep	668cb6deda	Make 'status -i' work when there are no providers Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-12-11 13:44:31 -08:00
Tom Eastep	8ed644a0ec	Correct HELPER requires error message Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-11-28 11:00:41 -08:00
Tom Eastep	86b82c53cf	Correct HELPER requires error message Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-11-28 10:59:53 -08:00
Tom Eastep	061ce3d781	Remove ULOG support Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-11-15 14:59:29 -08:00
Tom Eastep	45f8d31021	Don't try to load ipt_ULOG Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-11-15 14:33:25 -08:00
Tom Eastep	03d2088cf7	Implement SW_CONFDIR support Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-11-06 15:40:26 -08:00
Tom Eastep	6534201284	Fix assertion failure during 'check -r' when DOCKER=Yes - avoid unnecessary mode transitions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-10-31 15:30:03 -07:00
Tom Eastep	282ca14182	Corrections to DOCKER-ISOLATION change - Handle DOCKER-USER Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-10-28 09:20:47 -07:00
Tom Eastep	4b7d346911	Merge branch '5.2.1'	2018-10-27 09:11:00 -07:00
Tom Eastep	131a2cd40d	Accommodate Docker version 18.06 - Optionally replace DOCKER-ISOLATION with DOCKER-ISOLATION-STAGE-1 and -2 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-10-27 09:04:34 -07:00
Tom Eastep	ae90ab1f68	Add version of Jeremie Courreges-Anglas's <jca@tranquil.it> patch - Handle case where we are enabling/disabling a balanced/fallback provider and another such provider has lost carrier. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-10-11 15:18:47 -07:00
Tom Eastep	5e57c895b3	Avoid emacs issues with compiled code - handle embedded spaces in moduledir path names Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-10-09 14:47:36 -07:00
Tom Eastep	aab1df7421	Correct ip[6]tables-restore failure message Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-10-06 08:22:46 -07:00
Tom Eastep	9f3cc88cf0	Prevent invalid code generation with SNAT(detect) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-10-02 08:15:20 -07:00
Tom Eastep	aaa80882a0	Add Eric Teeter's Cockpit macro Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-09-28 09:43:55 -07:00
Tom Eastep	1b6de901e0	Merge branch '5.2.0'	2018-08-24 15:33:16 -07:00
Tom Eastep	56780a5d1f	Apply rate limiting in the nat table on nat+accept rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-08-24 15:31:20 -07:00
Tom Eastep	22c1bc2e9c	Apply rate limiting in the nat table on nat+accept rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-08-23 14:07:10 -07:00
Tom Eastep	5048e68cb5	Correct IPv4 examples in shorewall-blrules(5) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-08-13 19:21:03 -07:00
Tom Eastep	2d2ded7efc	Merge branch '5.2.0'	2018-08-07 07:46:29 -07:00
Tom Eastep	5e8fd570d1	Prepare for Perl 5.32 - Escape '{' in REs Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-08-07 07:43:58 -07:00
Tom Eastep	82e84f724d	Use -h rather than -L for checking a symlink Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-08-01 13:58:35 -07:00
Tom Eastep	7c31f70dc8	Use '=' rather than '&' to create UNTRACKED rule chains. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-08-01 13:50:20 -07:00
Tom Eastep	f1eafdc314	Use '=' rather than '&' to create UNTRACKED rule chains. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-08-01 13:48:29 -07:00
Tom Eastep	c195bab01d	Correct handling of a provider interface that matches a wildcard. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-29 20:34:02 -07:00
Tom Eastep	d829093caa	Use -h rather than -L for checking a symlink Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-26 13:57:10 -07:00
Tom Eastep	0d682fe78b	Disallow optional shared providers Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-19 09:57:06 -07:00
Tom Eastep	410a20dda3	Make shared interface and 'load=<load-factor' play nice together Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-17 13:25:26 -07:00
Tom Eastep	0685d0edfd	Fix rate limiting - Avoid specifying a timeout when the match is '-m limit' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-15 08:57:43 -07:00
Tom Eastep	474604b1fe	Correct source interface exclusion Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-04 08:01:27 -07:00
Tom Eastep	6fef1f34ba	Correct links in manpages Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-03 15:31:14 -07:00
Tom Eastep	93f0183550	Tweak do_ratelimit() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-03 14:22:30 -07:00
Tom Eastep	a42972644c	Allow specification of 'hashlimit' table sizes Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-02 14:14:36 -07:00
Tom Eastep	b271c52603	Update RATE column documentation Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-02 14:10:53 -07:00
Tom Eastep	49514e2d58	Allow specification of ht buckets and max entries in RATE columns Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-02 10:23:36 -07:00
Tom Eastep	a265685e20	Allow specification of VLSM in the RATE columns Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-07-02 09:08:45 -07:00
Matt Darfeuille	442e6ac152	Update version to 5.2 Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-23 09:09:00 -07:00
Matt Darfeuille	14e5a2d5ca	Be more verbose in progress messages Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-23 09:02:18 -07:00
Tom Eastep	780eb0402c	Update manpages for interface exclusion Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-15 08:23:35 -07:00
Tom Eastep	bfb9852eb6	Allow MARK, CONNMARK, SAVE and RESTORE in the nat table Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-14 10:01:12 -07:00
Tom Eastep	a8b6a301f2	Revert "MARK and CONNMARK in the snat file" This reverts commit `e36547f8be`.	2018-06-14 07:58:33 -07:00
Tom Eastep	150f7ab798	Allow specification of the TPROXY mark in CONNMARK and MARK. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-14 07:58:06 -07:00
Tom Eastep	b11d63a7bd	More manpage corrections Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-11 08:54:34 -07:00
Tom Eastep	84b283533b	Correct dangling link Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-11 08:52:07 -07:00
Tom Eastep	e36547f8be	MARK and CONNMARK in the snat file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-10 16:34:55 -07:00
Tom Eastep	0632723a6c	Support interface exclusion Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-10 12:02:19 -07:00
Tom Eastep	43543b5c32	Clean up shorewall-addresses(5) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-10 12:00:54 -07:00
Tom Eastep	ffc5a3c7df	Add ALT Linux support by Alexey Shabalin <sha-ba@mail.ru> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-29 08:13:26 -07:00
Tom Eastep	b6d1293b2e	Merge branch '5.2.0'	2018-05-20 14:48:40 -07:00
Tom Eastep	ec21b03c5b	Correct handling of dbl=src_dst in interface OPTIONS Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-18 10:18:09 -07:00
Tom Eastep	25dcf8c5d6	Check for linkdown in interface_is_usable() rather than ..._is_up(). Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-18 07:56:06 -07:00
Tom Eastep	c02b71b530	Correct interface_is_up() to look for the 'state' as well as 'UP' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-12 08:09:46 -07:00
Tom Eastep	78269d57bc	Handle missing AUTOMAKE Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-10 11:12:23 -07:00
Tom Eastep	fc91648315	Avoid split_line2 confusion when processing a raw line Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-10 09:30:02 -07:00
Tom Eastep	067f435ac5	Update BLACKLIST_DEFAULT if Drop or Reject Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-06 13:31:54 -07:00
Tom Eastep	07654d8f8d	Fix 'compile -c' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-05 13:26:58 -07:00
Tom Eastep	b5e8f9bd50	Restore the read_yesno_with_timeout() function Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-04 08:52:40 -07:00
Tom Eastep	f9995a9515	New manpages Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-04 08:47:33 -07:00
Tom Eastep	9c950082f6	Add new IPFS macros Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-05-04 08:45:39 -07:00
Tom Eastep	65e174a073	Add IPFS macros from Răzvan Sandu <razvan.sandu@mobexpert.ro> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-04-21 09:05:48 -07:00
Tom Eastep	66edd76b10	Correct typo in patch merged from 5.1.12 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-04-15 08:46:05 -07:00
Matt Darfeuille	99be0ce970	Use a function to load configuration files Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-04-14 13:06:54 -07:00
Tom Eastep	98d5bf8f55	Correct 'reset' handling in 'IfEvent' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-04-13 09:22:29 -07:00
Tom Eastep	c59ff50de4	Process params file in remote_capture() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-04-13 08:49:35 -07:00
Matt Darfeuille	3df5c032da	Be more verbose when executing remote commands - Reword progress messages Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-04-12 11:12:39 -07:00
Tom Eastep	90df607d79	Finish removal of 'refresh command' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-30 15:30:34 -07:00
Tom Eastep	5e2f1f573d	Unconditionally convert masq->snat Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-27 11:38:47 -07:00
Tom Eastep	011322992e	Revert "Delete masq file processing" This reverts commit `609ee8dea2`.	2018-03-27 11:08:33 -07:00
Tom Eastep	47a96e9ff9	Delete masq file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-26 15:57:49 -07:00
Tom Eastep	4a1d8ba0f9	delete shorewall-masq.xml Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-26 15:56:11 -07:00
Tom Eastep	7c99059a66	Supersede the masq file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-26 15:53:07 -07:00
Tom Eastep	609ee8dea2	Delete masq file processing - Automatically convert the masq file if it exists Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-26 11:40:22 -07:00
Matt Darfeuille	299ea2b41f	Update version to 5.2 - Remove unneeded punctuation marks Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-24 09:53:02 -07:00
Tom Eastep	32f1ae1992	Make &lo work correctly Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-19 18:23:19 -07:00
Matt Darfeuille	47a59cdd7c	Add and document the remote-getcaps command Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-18 17:36:38 -07:00
Matt Darfeuille	676ca872d6	Add and document the remote-getrc command Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-18 17:36:33 -07:00
Matt Darfeuille	ef28208c0e	Use a more consistent name for function definition Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-18 17:36:20 -07:00
Matt Darfeuille	cdeb82bdab	Improve when to capture capabilities Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-18 17:35:42 -07:00
Tom Eastep	3be071ca3d	Up the INCLUDE depth limit to 20 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-12 14:39:53 -07:00
Tom Eastep	6f6abfc8cd	Clarify the processing of the params file in shorewall-params(5) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-08 08:51:36 -08:00
Tom Eastep	f99f3539d1	Recommend using the link-level IP of upstream IPv6 routers. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-05 16:42:15 -08:00
Tom Eastep	e08e239c00	Implement AUTOMAKE=recursive Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-03 15:50:56 -08:00
Tom Eastep	02ed6f26a9	Allow AUTOMAKE=<depth> to specify search depth Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-03 13:04:48 -08:00
Tom Eastep	9e002a7689	Be sure that mutex is released when exiting Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-02-28 13:38:30 -08:00
Tom Eastep	34c5441768	Apply optimize category 16 again after 8 if 8 did anything Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-02-27 14:17:21 -08:00
Tom Eastep	c3d8cba042	Reverse the order of optimize 8 and optimize 16 application Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-02-23 15:01:47 -08:00
Tom Eastep	8bc97bcd35	Replace ${VARDIR}/firewall with $g_firewall in CLI Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-02-23 12:40:14 -08:00
Tom Eastep	c1a74b54fc	Implement RENAME_COMBINED Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-02-22 12:49:55 -08:00
Tom Eastep	88547f5140	Handle two-chain case when LOG_ZONE != 'Both' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-02-22 11:25:19 -08:00

... 2 3 4 5 6 ...

8030 Commits