Commit Graph

11347 Commits

Author SHA1 Message Date
Tom Eastep
f305da9d0d Require extended multi-port match for OPTIMIZE 16.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 10:57:09 -08:00
Tom Eastep
8d8a681f40 Implement optimization level 16
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 10:22:04 -08:00
Tom Eastep
4559c8b5d0 Tweaks to convert_blacklist()
- Reword an error message to handle both missing file and zero-sized file.
- Don't rename file that doesn't exist.
2011-11-21 12:13:39 -08:00
Tom Eastep
1a968ec734 Add routefilter to one-armed router section
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-21 05:54:51 -08:00
Tom Eastep
dffb79e7bd Handle empty blacklist file in 'update -b'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 17:02:01 -08:00
Tom Eastep
bd8ba435cd Avoid uninitialized value in hash element.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 16:24:42 -08:00
Tom Eastep
4d30811794 Implement 'show marks'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 12:29:17 -08:00
Tom Eastep
4a7d4d6abc Bring the upgrade issues doc up to date
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:46:02 -08:00
Tom Eastep
88a883da71 Update references to WIDE_TC_MARKS and HIGH_ROUTE_MARKS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:45:47 -08:00
Tom Eastep
e5a6387695 Eliminate use of WIDE_TC_MARKS in the Tc module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:45:16 -08:00
Tom Eastep
5097d36a33 Update Packing Marking doc for this release
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 07:41:17 -08:00
Tom Eastep
382309bc53 Derive default values for the mark-layout options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 07:03:33 -08:00
Tom Eastep
86c51f24d9 Deprecate the old mark layout options.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 17:14:05 -08:00
Tom Eastep
9d56fcab89 Update Shorewall6 .conf files and manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 16:54:10 -08:00
Tom Eastep
2fd3766be8 Remove duplicate options from Universal shorewall.conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 16:01:23 -08:00
Tom Eastep
9988f744ff Add mark layout options to shorewall.conf manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 15:55:45 -08:00
Tom Eastep
0adc82f469 Add the mark layout options to shorewall.conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 15:29:07 -08:00
Tom Eastep
83d7cfa76a Update documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 15:18:43 -08:00
Tom Eastep
ae8aa3a45a More fixes for ZONE_BITS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 08:19:38 -08:00
Tom Eastep
ab1b65d6a8 Fixes for blacklist conversion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 08:18:58 -08:00
Tom Eastep
4f9afc32ec Allow zone names in the MARK column when ZONE_BITS != 0
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-18 07:23:24 -08:00
Tom Eastep
7c0cb69c29 Don't copy limited broadcast routes to provider tables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-18 07:07:51 -08:00
Tom Eastep
364b30fd9b Fix 'update -b' handling of missing files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-18 06:26:37 -08:00
Tom Eastep
72f75c201c Implement zone automark
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-17 16:07:45 -08:00
Tom Eastep
96f5aec71f Add ZONE_BITS configuration option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-17 10:40:47 -08:00
Tom Eastep
fe09646bed Make zone types a power of 2.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-17 09:23:39 -08:00
Tom Eastep
348c6c8cf7 Correct handling of LOGMARK
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-17 07:22:07 -08:00
Tom Eastep
d096b9399a Fix '\!' handling in validate_level()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-15 16:41:32 -08:00
Tom Eastep
afaf0d9de8 Trivial optimiation in validate_level()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-13 06:19:40 -08:00
Tom Eastep
28a1087cd4 Cleanup of rewritten validate_level()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-13 05:58:59 -08:00
Tom Eastep
73ed66b9b9 Add ULOG and NFLOG capabilities plus LOGMARK for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-12 14:10:48 -08:00
Tom Eastep
bf010dc03e Macro changes from Tuomo Soini 2011-11-11 15:08:57 -08:00
Tom Eastep
ffec7a4d95 More corrections to wildcard interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-11 07:29:44 -08:00
Tom Eastep
04dfe26549 Remove two unused variables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-11 05:23:37 -08:00
Tom Eastep
972721facb Remove some white space
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-10 17:52:25 -08:00
Tom Eastep
6813409c31 Make the previous patch a bit cleaner
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-10 07:19:21 -08:00
Tom Eastep
d85f6970e3 Fix wildcard interfaces
- Suppress extra jumps to interface chains.
- Insure that the 'lo' ACCEPT rule doesn't get masked by a wildcard interface

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-10 06:53:48 -08:00
Tom Eastep
83d373c0aa More documentation cleanup.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-10 06:52:14 -08:00
Tom Eastep
7ebf5a4284 Correct links in shorewall.conf manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-09 09:56:59 -08:00
Tom Eastep
d053faadde Allow convertion of a legacy blacklist configuration
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-08 12:59:40 -08:00
Tom Eastep
6108a9cad8 Delete BLACKLISTSECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 14:46:14 -08:00
Tom Eastep
da7516d401 Update config files and manpages for BLACKLISTSECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 12:05:07 -08:00
Tom Eastep
b0103a51d5 Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 2011-11-06 08:44:26 -08:00
Tom Eastep
1091c24348 Implement the BLACKLISTSECTION option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 08:43:38 -08:00
Tom Eastep
755ed9859b Merge branch '4.4.25' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 2011-11-06 06:16:43 -08:00
Roberto C. Sanchez
cf8c30904d Add support for a "status" command to the Debian init scripts
(cherry picked from commit d36a2030ea)
2011-11-06 09:10:59 -05:00
Tom Eastep
38d1a2ada9 Add DropSmurfs and TCPFlags to the IPv6 actions.std file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-05 07:54:21 -07:00
Tom Eastep
d883e45f83 Correct 'start -f' with AUTOMAKE=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-05 07:54:05 -07:00
Tom Eastep
e236be37db Include the rawpost table in dump output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-05 07:52:40 -07:00
Tom Eastep
a842fad629 Mention that 'ignore' exempts the inteface from hairpin filtering.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-04 13:49:23 -07:00