Tom Eastep
536fea27a5
Detect duplicate routes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-22 14:59:35 -07:00
Tom Eastep
215fd9e234
Use 'replace' rather than 'add' for routes defined in the routes file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-22 14:55:27 -07:00
Tom Eastep
1701bd46fc
Correct table entry in the Shorewall-init article.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-22 14:54:18 -07:00
Tom Eastep
4c0a0e0ff8
Don't emit 'qt ' in the undo_x_routing files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-22 13:20:27 -07:00
Tom Eastep
1a4db31ff0
Make NetworkManager with with Shorewall-init on SuSE.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-21 15:02:35 -07:00
Tom Eastep
9e5cf92a59
Merge branch '4.5.14'
2013-03-21 12:00:20 -07:00
Tom Eastep
3ac6835650
Handle IPv6 /32 networks correctly.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-21 11:30:59 -07:00
Tom Eastep
6ebe28040b
Add Four to the list of authors
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-17 07:42:45 -07:00
Tom Eastep
1e866eac28
Implement the other forms of NULL routing.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-16 08:20:52 -07:00
Tom Eastep
e2123ae276
Correct ifupdown handling on Debian
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-15 13:03:53 -07:00
Tom Eastep
b27e5f4378
Correct installation of /sbin/ifup-local and /sbin/ifdown-local
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-15 11:14:44 -07:00
Tom Eastep
b85880e8e6
Correct handling of install on RedHat and derivatives.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-15 10:53:36 -07:00
Tom Eastep
3e3cce534e
Split ifupdown.sh into separate per-distro scripts.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-15 10:25:32 -07:00
Tom Eastep
9a4df0fac8
Don't delete the user's tcstart file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-14 15:07:33 -07:00
Tom Eastep
8839ac45cf
Merge branch '4.5.14'
2013-03-14 14:03:49 -07:00
Tom Eastep
2763826059
Install the routes file unless $SPARSE
...
- Don't delete the file unconditionally.
- Delete an unhelpful comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-14 14:03:05 -07:00
Tom Eastep
8c53fa175c
Update action tables in Shorewall-init article
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-14 11:05:47 -07:00
Tom Eastep
d246bedab8
Install the routes file unless $SPARSE
...
- Don't delete the file unconditionally.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-14 11:04:26 -07:00
Tom Eastep
d005ffa766
Update action tables in Shorewall-init article
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-13 11:17:10 -07:00
Tom Eastep
b10218e773
Add a 'UDPLITE Port Redirection' capability.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 10:07:52 -07:00
Tom Eastep
e77ca971bd
Avoid shell diagnostic in 'show capabilities' when no arptables installed
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:48:10 -07:00
Tom Eastep
8442477224
Add Enhanced Multi-port match capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:04:47 -07:00
Tom Eastep
fd2fcc996f
Don't allow port redirection with UDPLITE
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 08:32:45 -07:00
Tom Eastep
6e9fc77f73
Remove nonsensical comment from the stoppedrules manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-09 08:15:13 -08:00
Tom Eastep
8c4c856caa
Issue a warning if the contents of the DUPLICATE column may be invalid.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-09 07:57:13 -08:00
Tom Eastep
a167e3449e
Avoid Perl run-time errors when checking a provider interface.
...
- Handle case where a provider interface matches a wildcard
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-09 07:56:16 -08:00
Tom Eastep
b871fc689c
Merge branch 'FETCH_HEAD' into 4.5.14
2013-03-09 07:11:47 -08:00
Tom Eastep
cfe2bd11b0
Allow 'none' in the COPY column when the DUPLICATE column is empty.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 19:18:13 -08:00
Tom Eastep
bd64baa8d9
Require at least one zone for a provider
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 13:08:23 -08:00
Tom Eastep
e1f7a9dbf8
Reverse an earlier silly patch.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 10:38:13 -08:00
Tom Eastep
fe6533943c
Correct 'routes' manpages.
...
- change 4.5.15 with 4.5.14 for the availability of blackhole routes
- Add 'main' to the legal providers.
2013-03-08 08:26:08 -08:00
Tom Eastep
7913082d41
Merge branch 'master' into 4.5.14
2013-03-08 08:19:43 -08:00
Tom Eastep
a990ceecba
Clarify ipsets WRT xtables-addons.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 08:18:00 -08:00
Tom Eastep
4586568649
Merge branch '4.5.14' of ssh://git.code.sf.net/p/shorewall/code
2013-03-08 08:00:43 -08:00
Tom Eastep
b4d4083513
Split large '--ports' lists across multiple rules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 07:38:23 -08:00
Tom Eastep
91f5a9dec0
Make 'main' work correctly when specified in the routes file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 07:26:49 -08:00
Tom Eastep
50030bcc2d
Revert "Don't allow routes to be added to non-Provider tables."
...
This reverts commit 6f9a1ba29d
.
2013-03-08 06:55:12 -08:00
Tom Eastep
8eacbe287b
Correction to MULTIPORT patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 18:11:59 -08:00
Tom Eastep
6f9a1ba29d
Don't allow routes to be added to non-Provider tables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 17:18:57 -08:00
Tom Eastep
6ba02c4a24
Merge branch 'master' into 4.5.14
...
Conflicts:
Shorewall/Perl/Shorewall/Providers.pm
2013-03-07 08:29:30 -08:00
Tom Eastep
c4f0be96ac
Require that interfaces in the COPY column be known.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 07:32:56 -08:00
Tom Eastep
7da10ff923
Additional change to copy blackhole routes.
...
- Add 'blackhole' to the outer case statement
- Add RFC1918 blackhole routes before starting providers.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 07:01:58 -08:00
Tom Eastep
ace9a49106
Allow addition of blackhole routes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 07:01:41 -08:00
Tom Eastep
7f2c933cb3
Copy blackhole routes to secondary tables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 07:01:18 -08:00
Tom Eastep
f091935f96
Merge branch 'FETCH_HEAD'
2013-03-07 06:53:44 -08:00
Tom Eastep
5aa731e963
Additional change to copy blackhole routes.
...
- Add 'blackhole' to the outer case statement
- Add RFC1918 blackhole routes before starting providers.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 06:52:16 -08:00
Tom Eastep
5e0749da3c
New approach to copying blackhole routes to secondary routing tables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-06 20:02:48 -08:00
Tom Eastep
06e7f297f7
Allow addition of blackhole routes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-06 11:48:09 -08:00
Tom Eastep
216029c3a9
Copy blackhole routes to secondary tables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-06 11:04:23 -08:00
Tom Eastep
ec5e1b54c1
Correct COPY description in the multi-ISP document.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-06 08:28:18 -08:00