Commit Graph

1286 Commits

Author SHA1 Message Date
Tom Eastep
5729be6431
Add dropInvalid to BLACKLIST_DEFAULT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-10 09:06:41 -08:00
Tom Eastep
c534c458dd
Revert "Remove Multicast from IPv6 Policy Actions"
This reverts commit 85d571d013.
2017-03-10 08:53:54 -08:00
Tom Eastep
61435936fe
Correct CONFIG_PATH in IPv6 Universal sample
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-09 14:06:47 -08:00
Tom Eastep
85d571d013
Remove Multicast from IPv6 Policy Actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-09 13:12:03 -08:00
Tom Eastep
fdb78898fc
Make TC_ENABLED=Shared the default in the samples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-09 13:06:55 -08:00
Tom Eastep
3d8d5aa469
quote $LOG_LEVEL in shorewall[6].conf files
- Delete AllowICMPs from IPv4 policy action settings

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-08 14:16:24 -08:00
Tom Eastep
4f869c3506
More manpage updates for tcp:!syn
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 11:13:58 -08:00
Tom Eastep
e8a0142480
Document tcp:!syn support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 10:48:24 -08:00
Tom Eastep
5f1370f1b4
Clear the firewall on Debian systemd 'stop' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-06 11:22:55 -08:00
Tom Eastep
71d9a03697
Update shorewall[6]-rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-05 14:29:57 -08:00
Tom Eastep
80d93235b5
Eliminate builtin actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-05 12:09:33 -08:00
Matt Darfeuille
06c6a017d5
Use a specific parameter file for systemd script
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:56:25 -08:00
Matt Darfeuille
75fd8ccb37
Use a specific parameter file for sysvinit script
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:56:21 -08:00
Matt Darfeuille
8c7e6fddfd
Use a common uninstaller for Sw and Sw6
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:56:11 -08:00
Matt Darfeuille
783e438b4a
Be more verbose while uninstalling Shorewall
- Remove version file as a file and not as a directory.

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:56:00 -08:00
Matt Darfeuille
c58efe7698
Unify the uninstallers
- Clean up code
 - Use the .service suffix

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:55:36 -08:00
Matt Darfeuille
f6f7e691d0
Fail if the rc file can not be loaded
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:54:40 -08:00
Matt Darfeuille
a9048b63f2
Correct typos
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:54:36 -08:00
Matt Darfeuille
20cc56f2f1
Load uninstallers's common functions
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:53:39 -08:00
Matt Darfeuille
a6eebc8ecf
Replace product names by product vars
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 16:40:41 -08:00
Tom Eastep
944888c04f
Handle broadcast and muticast separately
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-15 10:16:20 -08:00
Tom Eastep
48d301b2cf
Rename the policy LIMIT column to RATE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 10:17:43 -08:00
Tom Eastep
735919d8d3
Add LOG_LEVEL option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 09:52:55 -08:00
Tom Eastep
b4561e97c8
Deprecate Drop and Reject in actions.std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 09:28:38 -08:00
Tom Eastep
66a63a4da5
Fix instances of $LOGrmation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 08:33:56 -08:00
Tom Eastep
8c9fb501fd
Adjust .conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-11 13:41:28 -08:00
Tom Eastep
09fda9eb6c
Manpage updates:
- interfaces: Clarify the 'bridge' option
- rtrules:    Warn about similar rules with same priority
2017-02-10 11:43:04 -08:00
Tom Eastep
7e984af094
Some cleanup of policy actions
- Allow '+' in policy file action list

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-07 13:19:53 -08:00
Tom Eastep
af8d4e32c2
Replace 'info' with '$LOG' in the sample policy files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-07 08:27:19 -08:00
Tom Eastep
e91f414223
Document policy action changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 17:09:23 -08:00
Tom Eastep
3b82721956
Update Shorewall6 default-action defaults
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 13:56:45 -08:00
Tom Eastep
079d862bb3
Document default-action lists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 10:51:57 -08:00
Tom Eastep
70a395892f
Make BLACKLIST work correctly in the blrules file
- Add the 'section' action option

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 15:03:02 -08:00
Tom Eastep
e6933f4c8d
Add BLACKLIST policy
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-18 10:55:15 -08:00
Tom Eastep
cc3b8793e0
Make BALANCE_PROVIDERS default the setting of USE_DEFAULT_RT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-17 15:02:16 -08:00
Tom Eastep
45b9ddf188
Add BALANCE_PROVIDERS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-17 08:58:09 -08:00
Tom Eastep
2d16fac9ed
Revert "Implement USE_DEFAULT_RT=Exact"
This reverts commit 2ca1ae734a.
2017-01-17 08:25:33 -08:00
Tom Eastep
2ca1ae734a
Implement USE_DEFAULT_RT=Exact
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-14 08:14:08 -08:00
Tom Eastep
b8c322a05f
Ignore SUBSYSLOCK when $SERVICEDIR is non-empty
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-06 15:50:26 -08:00
Tom Eastep
f68d3fd9fa
Revert "Remove SUBSYSLOCK"
This reverts commit 386b137e9b.
2017-01-06 09:49:40 -08:00
Tom Eastep
386b137e9b
Remove SUBSYSLOCK
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-05 10:03:03 -08:00
Tom Eastep
ce68f84d9d
Remove Makefile from Shorewall[6][-lite]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-05 08:22:02 -08:00
Tom Eastep
2f9ef4dda7
Update kernel module files
- Include additional nat modules

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-30 10:56:16 -08:00
Tom Eastep
5174fe0161
Avoid echo options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-28 11:09:08 -08:00
Tom Eastep
c4bbb46e3f
Eliminate rawpost table support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-26 14:20:08 -08:00
Tom Eastep
c9f45277b8
Move the action files to their own directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-23 09:05:37 -08:00
Matt Darfeuille
20c764ca5c
shorewall6: Don't set the 'file' var needlessly
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-19 08:14:48 -08:00
Tom Eastep
e3951cb5a3
Re-add volume 8 manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-18 16:16:50 -08:00
Matt Darfeuille
1cb32e3127
shorewall6: Correct the filepath of .shorewallrc
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-18 12:14:25 -08:00
Tom Eastep
08c6b80e1e
Correct typo in the snat manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-11 14:32:27 -08:00