extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-09 01:04:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,316 Commits 104 Branches 736 Tags 55 MiB
138638cb1a
Commit Graph

12316 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Eastep
138638cb1a Effectively use the specified directory as the CONFIG_PATH til .conf is read 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-13 07:45:24 -08:00
Tom Eastep
c5bb16ac26 Another fix for IPv6 address lists. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-13 07:44:19 -08:00
Tom Eastep
394850e68e Document updates for IPv6 and Shorewall Lite 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-13 06:58:22 -08:00
Tom Eastep
f44becdee1 Rename BLACKLIST_LOGLEVEL to BLACKLIST_LOG_LEVEL for consistent naming. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-12 07:47:02 -08:00
Tom Eastep
84c5822c20 Correct IPv6 List Handling 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-11 16:45:03 -08:00
Tom Eastep
b4977db5b2 Add %section_states that maps sections to their related state(s). 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-11 14:59:48 -08:00
Tom Eastep
f23f7400d8 Merge branch '4.5.13' 2013-02-11 11:52:02 -08:00
Tom Eastep
db8f90f182 Remove allow_optimize() call from action.New. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-11 06:45:33 -08:00
Tom Eastep
8d0a80a7e2 Merge branch '4.5.13' 2013-02-11 06:40:11 -08:00
Tom Eastep
9f9220f854 Only look in the specified directory for params when compiling as non-root. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-11 06:36:32 -08:00
Tom Eastep
bda1e05d9a Mention the requirement for a params file in the Shorewall Lite article. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-11 05:58:01 -08:00
Tom Eastep
b9d5b92f1b Correct handling of expressions consisting of a single number. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-10 15:19:30 -08:00
Tom Eastep
b349cc0f22 A better fix for inline default action with parameters. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-10 09:29:30 -08:00
Tom Eastep
a312bfbb42 Add a section => name function map 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-10 09:27:43 -08:00
Tom Eastep
c35e753b1d A better fix for inline default action with parameters. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-10 09:16:18 -08:00
Tom Eastep
8b4349b356 Merge branch '4.5.13' 2013-02-10 09:05:41 -08:00
Tom Eastep
54c43396f0 Correct default action handling: 
- isolate basic target before testing for action/inline
- delete the action chain if appropriate.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-10 09:00:13 -08:00
Tom Eastep
f9dc89dc61 Allow arbitrary $n variables when IGNOREUNKNOWNVARIABLES=Yes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-10 07:56:04 -08:00
Tom Eastep
60e3f1015e Allow arbitrary $n variables when IGNOREUNKNOWNVARIABLES=Yes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-10 07:51:35 -08:00
Tom Eastep
83111a1126 Clarify the requirement for accessing $n in an action body 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-09 20:24:26 -08:00
Tom Eastep
8e0a90e077 Merge branch '4.5.13' 2013-02-09 17:54:06 -08:00
Tom Eastep
cadf2747fe Correct reset_optflags() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-09 17:53:40 -08:00
Tom Eastep
810ebe32ce Merge branch '4.5.13' 2013-02-09 13:15:44 -08:00
Tom Eastep
c04c61b314 Correct typos in check_rules(). 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-09 11:42:54 -08:00
Tom Eastep
a8fdfa4e48 Create an ESTABLISHED chain 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-09 09:32:12 -08:00
Tom Eastep
a4297381e9 Don't ACCEPT untracked packets unless UNTRACKED_DISPOSITION=ACCEPT 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-09 09:15:05 -08:00
Tom Eastep
eaa6d72a4f Allow parameters to be omitted in action invocations. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-09 07:07:01 -08:00
Tom Eastep
e664b6bafb Correct action.TCPFlags 
- restore rule dropped when converted.
- remove cruft
- Correct parameter handling

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-08 15:39:04 -08:00
Tom Eastep
96d64d0a04 Remove extraneous default parameter from action.Untracked 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-08 13:00:54 -08:00
Tom Eastep
122a8358fc Correct the default action description in the New action. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-08 12:59:22 -08:00
Tom Eastep
acbff91d87 Remove 'default action' comments from the xxxInvalid actions. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-08 12:57:44 -08:00
Tom Eastep
1bd9e8b015 Correct allowInvalid and dropInvalid 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-08 10:49:12 -08:00
Tom Eastep
62a567b550 Treat each -m conntrack subtype as a separate match 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-08 10:08:23 -08:00
Tom Eastep
e4f1c62e71 Improve handling of nested state actions 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-08 09:09:20 -08:00
Tom Eastep
b3caaaf707 Pass the state name to perl_action_helper() from the state actions. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-08 06:39:16 -08:00
Tom Eastep
b9e504683e Prevent a state action from invoking another one. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-07 16:52:06 -08:00
Tom Eastep
aae6e001fe Convert dropInvalid and allowInvalid to inline actions. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-07 11:21:13 -08:00
Tom Eastep
aa528dd075 Revert "Convert allowInvalid and dropInvalid into macros" 
This reverts commit 272e1d330c.
 2013-02-07 09:09:56 -08:00
Tom Eastep
e4ae242123 Another tweak to check_state() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-06 12:07:51 -08:00
Tom Eastep
272e1d330c Convert allowInvalid and dropInvalid into macros 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-06 09:54:12 -08:00
Tom Eastep
a66256b25b Additional refinements of check_state() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-06 08:16:42 -08:00
Tom Eastep
11b976fb36 Correct reference type in check_state() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-05 19:55:22 -08:00
Tom Eastep
a6ccd53fe0 Unconditionally use '-j' to branch to a state chain or DISPOSITION. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-04 15:17:49 -08:00
Tom Eastep
b22b63b1c3 Don't use '-g' when DISPOSITION is CONTINUE. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-04 15:09:17 -08:00
Tom Eastep
615df6ab8f Handle 'RETURN' in state chain with terminating disposition. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-04 15:08:20 -08:00
Tom Eastep
3757607356 Remove cruft from two actions. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-04 10:11:51 -08:00
Tom Eastep
f6faef7cd0 Correct syntax error in action.Untracked 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-04 09:58:38 -08:00
Tom Eastep
d8214885f2 Assume that the conntrack state value in a rule is not a reference. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-04 08:29:50 -08:00
Tom Eastep
475942deb9 Normalize rules prior to combine_state tests. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-03 18:14:14 -08:00
Tom Eastep
f1707d2ace More state rule check fixes. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-02-03 18:02:02 -08:00