Commit Graph

63 Commits

Author SHA1 Message Date
teastep
ee3a9a9456 Add extra-quiet mode using -qq
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3262 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-09 17:11:30 +00:00
teastep
d81f2ca29e First releast of 'shorewall generate'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3237 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 01:08:23 +00:00
teastep
d145351222 Preparation for 'generate' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3236 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-06 23:02:55 +00:00
teastep
08993cfe08 Stop whining about ipt_owner messages under kernel 2.6.14
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2939 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-31 21:06:01 +00:00
teastep
609dc4d82b Remove Extended mark detection and reporting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2924 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-24 22:35:05 +00:00
teastep
7630bace28 Remove ROUTE target detections/reporting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2923 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-24 19:43:53 +00:00
teastep
508ee203e5 detect ClASSIFY target support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2808 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-05 23:22:39 +00:00
teastep
47a34926f4 Better diagnostics when IPP2P match is missing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2784 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 16:20:30 +00:00
teastep
84af786df4 Add capabilities report to 'shorewall dump' output
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2758 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-30 16:54:24 +00:00
teastep
1d763c84df Fix param handling in restore-base
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2654 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-09 16:52:10 +00:00
teastep
819e9dd38f Add SHOREWALL_LIBRARY global variable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2649 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-08 22:30:32 +00:00
teastep
738b45ad9e Update the version number to 3.0 in all files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-31 15:27:22 +00:00
teastep
f9f3fadd56 Add find_interface_by_mac()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2516 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-17 20:07:47 +00:00
teastep
ac1983a5da Large cleanup patch from Tuomo Soini
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-02 16:46:30 +00:00
teastep
3f748212d6 Globalize shorewall_is_started()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2443 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-01 20:35:28 +00:00
teastep
c66159abee capitalize 'terminator' variable; duplicate PREROUTING connmark logic in OUTPUT
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2441 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-01 17:17:24 +00:00
teastep
c7cb64e4ee Make a couple of more warnings more emphatic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2438 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-31 17:15:37 +00:00
teastep
54a5a111a6 Make separate_list handle enclosures in a more general way
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2437 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-31 17:12:04 +00:00
teastep
9feb547b6e /sbin/shorewall status rework -- take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-29 18:32:50 +00:00
teastep
6c8b63bfe0 Remove dependence on 'which'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2421 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 20:30:16 +00:00
teastep
b66929a65e Large merge of function from EXPERIMENTAL to HEAD.
1) Elimination of the "shorewall monitor" command.

2) The /etc/shorewall/ipsec and /etc/shorewall/zones file are combined into
a single /etc/shorewall/zones file. This is done in an upwardly-compatible
way so that current users can continue to use their existing files.

3) Support has been added for the arp_ignore interface option.

4) DROPINVALID has been removed from shorewall.conf. Behavior is as if
DROPINVALID=No was specified.

5) The 'nobogons' option and BOGON_LOG_LEVEL are removed.

6) Error and warning messages have been made easier to spot by using
capitalization (e.g., ERROR: and WARNING:).

7) The /etc/shorewall/policy file now contains a new connection policy and a
policy for ESTABLISHED packets. Useful for users of snort-inline who want to
pass all packets to the QUEUE target.

8) A new 'critical' option has been added to /etc/shorewall/routestopped.
Shorewall insures communication between the firewall and 'critical' hosts
throughout start, restart, stop and clear. Useful for diskless firewall's
with NFS-mounted file systems, LDAP servers, Crossbow, etc.

9) Macros. Macros are very similar to actions but are easier to use, allow
parameter substitution and are more efficient. Almost all of the standard
actions have been converted to macros in the EXPERIMENTAL branch.

10) The default value of ADD_IP_ALIASES in shorewall.conf is changed to No.

11) If you have 'make' installed on your firewall, then when you use
the '-f' option to 'shorewall start' (as happens when you reboot),
if your /etc/shorewall/ directory contains files that were modified
after Shorewall was last restarted then Shorewall is started using
the config files rather than using the saved configuration.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2409 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-25 23:08:09 +00:00
paulgear
4f8bbb5866 Copy latest development version from Shorewall2/
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2269 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 06:13:05 +00:00
paulgear
2a19eb8a5a Copy latest 2.4 version from Shorewall2/
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2264 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:55:29 +00:00
paulgear
90dd62e89e Copy latest 2.2 version from STABLE2/
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2263 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:45:05 +00:00
paulgear
921a7223d4 Copy latest 2.0 code from STABLE2/
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2262 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 04:45:32 +00:00
teastep
f046ea3ab1 Fix route filtering
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@782 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-30 15:42:45 +00:00
teastep
5448a9cc38 Expand chain naming
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@777 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-25 00:54:01 +00:00
teastep
bb20363bb2 Fix for IPV6 addresses and the 'ip' utility
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@735 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-28 18:02:59 +00:00
teastep
05c0c27012 Fix adding range of aliases
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@734 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-27 19:53:02 +00:00
teastep
afbe79977e Fix adding range of aliases
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@732 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-27 15:13:03 +00:00
teastep
41de5afd06 Decommit per-interface dynamic blacklisting; warnings on 'unclean' dependencies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@726 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-24 01:24:23 +00:00
teastep
3ee26da51c Henry Yang's patch plus fix LOGRATE/ratelimit conflict on rules file logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@723 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-22 15:27:08 +00:00
teastep
510a35b46c Allow chains with IP addresses as names -- improved version
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@722 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-21 14:48:49 +00:00
teastep
90b5b607a6 Allow chains with IP addresses as names
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@721 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-21 13:18:51 +00:00
teastep
61ba5353e5 Simplify ip_broadcast()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@689 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-07 17:31:47 +00:00
teastep
9188253bd4 {
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@670 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-21 22:02:34 +00:00
teastep
ceed25dc1c Simplify ip_range slightly
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@645 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 14:34:46 +00:00
teastep
2ec4e96fbd Export smarter ip_range() with the /sbin/shorewall iprange command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@644 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 13:24:23 +00:00
teastep
0b545b92b7 Correct handling of DNS names with embedded '-'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@642 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 23:41:41 +00:00
teastep
a4183f21fe Add empty variable for 'call' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@638 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 19:52:34 +00:00
teastep
17a7a0492d Take care of some ipcalc anomalies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@634 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 17:41:28 +00:00
teastep
134f5db118 Rename ip_cidr() to ip_vlsm()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@633 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 17:23:53 +00:00
teastep
4f6f76ec72 Added ipcalc command to /sbin/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@632 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 17:14:21 +00:00
teastep
b1b3d09473 Move IP Address Manipulation Functions to /usr/share/shorewall/functions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@631 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 16:24:41 +00:00
teastep
df034f6141 Clean up fix for INCLUDE
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@591 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-14 01:30:32 +00:00
teastep
51a7030fdb Make INCLUDE work in the zones file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@590 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-14 01:22:46 +00:00
teastep
ed0bbce737 Correct bug in nexted INCLUDE detection
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@534 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-07 21:20:46 +00:00
teastep
f16f401910 Limit INCLUDE nest level
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@529 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-29 15:15:05 +00:00
teastep
02a42e2fb0 INCLUDE directive; make 'traceroute -I' work again
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@528 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-29 14:37:50 +00:00
teastep
dbd20362ff One more comma-separated list tweak
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@467 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-23 15:56:45 +00:00