Commit Graph

12648 Commits

Author SHA1 Message Date
Tom Eastep
536fea27a5 Detect duplicate routes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-22 14:59:35 -07:00
Tom Eastep
215fd9e234 Use 'replace' rather than 'add' for routes defined in the routes file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-22 14:55:27 -07:00
Tom Eastep
1701bd46fc Correct table entry in the Shorewall-init article.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-22 14:54:18 -07:00
Tom Eastep
4c0a0e0ff8 Don't emit 'qt ' in the undo_x_routing files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-22 13:20:27 -07:00
Tom Eastep
1a4db31ff0 Make NetworkManager with with Shorewall-init on SuSE.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-21 15:02:35 -07:00
Tom Eastep
9e5cf92a59 Merge branch '4.5.14' 2013-03-21 12:00:20 -07:00
Tom Eastep
3ac6835650 Handle IPv6 /32 networks correctly.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-21 11:30:59 -07:00
Tom Eastep
6ebe28040b Add Four to the list of authors
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-17 07:42:45 -07:00
Tom Eastep
1e866eac28 Implement the other forms of NULL routing.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-16 08:20:52 -07:00
Tom Eastep
e2123ae276 Correct ifupdown handling on Debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-15 13:03:53 -07:00
Tom Eastep
b27e5f4378 Correct installation of /sbin/ifup-local and /sbin/ifdown-local
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-15 11:14:44 -07:00
Tom Eastep
b85880e8e6 Correct handling of install on RedHat and derivatives.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-15 10:53:36 -07:00
Tom Eastep
3e3cce534e Split ifupdown.sh into separate per-distro scripts.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-15 10:25:32 -07:00
Tom Eastep
9a4df0fac8 Don't delete the user's tcstart file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-14 15:07:33 -07:00
Tom Eastep
8839ac45cf Merge branch '4.5.14' 2013-03-14 14:03:49 -07:00
Tom Eastep
2763826059 Install the routes file unless $SPARSE
- Don't delete the file unconditionally.
- Delete an unhelpful comment

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-14 14:03:05 -07:00
Tom Eastep
8c53fa175c Update action tables in Shorewall-init article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-14 11:05:47 -07:00
Tom Eastep
d246bedab8 Install the routes file unless $SPARSE
- Don't delete the file unconditionally.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-14 11:04:26 -07:00
Tom Eastep
d005ffa766 Update action tables in Shorewall-init article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-13 11:17:10 -07:00
Tom Eastep
b10218e773 Add a 'UDPLITE Port Redirection' capability.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 10:07:52 -07:00
Tom Eastep
e77ca971bd Avoid shell diagnostic in 'show capabilities' when no arptables installed
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:48:10 -07:00
Tom Eastep
8442477224 Add Enhanced Multi-port match capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:04:47 -07:00
Tom Eastep
fd2fcc996f Don't allow port redirection with UDPLITE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 08:32:45 -07:00
Tom Eastep
6e9fc77f73 Remove nonsensical comment from the stoppedrules manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-09 08:15:13 -08:00
Tom Eastep
8c4c856caa Issue a warning if the contents of the DUPLICATE column may be invalid.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-09 07:57:13 -08:00
Tom Eastep
a167e3449e Avoid Perl run-time errors when checking a provider interface.
- Handle case where a provider interface matches a wildcard

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-09 07:56:16 -08:00
Tom Eastep
b871fc689c Merge branch 'FETCH_HEAD' into 4.5.14 2013-03-09 07:11:47 -08:00
Tom Eastep
cfe2bd11b0 Allow 'none' in the COPY column when the DUPLICATE column is empty.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 19:18:13 -08:00
Tom Eastep
bd64baa8d9 Require at least one zone for a provider
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 13:08:23 -08:00
Tom Eastep
e1f7a9dbf8 Reverse an earlier silly patch.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 10:38:13 -08:00
Tom Eastep
fe6533943c Correct 'routes' manpages.
- change 4.5.15 with 4.5.14 for the availability of blackhole routes
- Add 'main' to the legal providers.
2013-03-08 08:26:08 -08:00
Tom Eastep
7913082d41 Merge branch 'master' into 4.5.14 2013-03-08 08:19:43 -08:00
Tom Eastep
a990ceecba Clarify ipsets WRT xtables-addons.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 08:18:00 -08:00
Tom Eastep
4586568649 Merge branch '4.5.14' of ssh://git.code.sf.net/p/shorewall/code 2013-03-08 08:00:43 -08:00
Tom Eastep
b4d4083513 Split large '--ports' lists across multiple rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 07:38:23 -08:00
Tom Eastep
91f5a9dec0 Make 'main' work correctly when specified in the routes file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-08 07:26:49 -08:00
Tom Eastep
50030bcc2d Revert "Don't allow routes to be added to non-Provider tables."
This reverts commit 6f9a1ba29d.
2013-03-08 06:55:12 -08:00
Tom Eastep
8eacbe287b Correction to MULTIPORT patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 18:11:59 -08:00
Tom Eastep
6f9a1ba29d Don't allow routes to be added to non-Provider tables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 17:18:57 -08:00
Tom Eastep
6ba02c4a24 Merge branch 'master' into 4.5.14
Conflicts:
	Shorewall/Perl/Shorewall/Providers.pm
2013-03-07 08:29:30 -08:00
Tom Eastep
c4f0be96ac Require that interfaces in the COPY column be known.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 07:32:56 -08:00
Tom Eastep
7da10ff923 Additional change to copy blackhole routes.
- Add 'blackhole' to the outer case statement
- Add RFC1918 blackhole routes before starting providers.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 07:01:58 -08:00
Tom Eastep
ace9a49106 Allow addition of blackhole routes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 07:01:41 -08:00
Tom Eastep
7f2c933cb3 Copy blackhole routes to secondary tables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 07:01:18 -08:00
Tom Eastep
f091935f96 Merge branch 'FETCH_HEAD' 2013-03-07 06:53:44 -08:00
Tom Eastep
5aa731e963 Additional change to copy blackhole routes.
- Add 'blackhole' to the outer case statement
- Add RFC1918 blackhole routes before starting providers.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-07 06:52:16 -08:00
Tom Eastep
5e0749da3c New approach to copying blackhole routes to secondary routing tables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-06 20:02:48 -08:00
Tom Eastep
06e7f297f7 Allow addition of blackhole routes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-06 11:48:09 -08:00
Tom Eastep
216029c3a9 Copy blackhole routes to secondary tables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-06 11:04:23 -08:00
Tom Eastep
ec5e1b54c1 Correct COPY description in the multi-ISP document.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-06 08:28:18 -08:00