Tom Eastep
|
1870c281a9
|
Make AUDIT support params again.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 08:26:44 -08:00 |
|
Tom Eastep
|
dbfc805707
|
Add 'IU' state in secmarks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 08:10:53 -08:00 |
|
Tom Eastep
|
748d532175
|
Correct the explaination of ULOG and NFLOG in the manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-24 09:11:28 -08:00 |
|
Tom Eastep
|
b7e2b28562
|
Transfer tag when merging into an NFLOG/ULOG rule.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-24 09:04:56 -08:00 |
|
Tom Eastep
|
67e1e6cf91
|
Allow WHITELIST in IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-23 14:19:14 -08:00 |
|
Tom Eastep
|
cd2854cad0
|
Fix NFLOG/ULOG implementation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-23 13:49:43 -08:00 |
|
Tom Eastep
|
75c148a2dd
|
Enable 'debug' on the try, stop and clear commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-23 11:46:14 -08:00 |
|
Tom Eastep
|
71bbc632ce
|
Handle 'fw' correctly in the SOURCE column of the stoppedrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-23 08:35:51 -08:00 |
|
Tom Eastep
|
b6a1a7d538
|
Make NFLOG and ULOG built-ins.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-23 08:14:24 -08:00 |
|
Tom Eastep
|
30de211bda
|
Implement format-3 conntrack files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 20:56:56 -08:00 |
|
Tom Eastep
|
3f7425b6a0
|
Purge %renamed before each table is processed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 17:27:09 -08:00 |
|
Tom Eastep
|
8a744de906
|
Document semantic change to 'all' handling in the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 09:10:07 -08:00 |
|
Tom Eastep
|
26dee73895
|
Support the audited targets on IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 08:24:51 -08:00 |
|
Tom Eastep
|
df7ce1a7d1
|
Add the AUDIT built-in and delete the Audit action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 08:24:33 -08:00 |
|
Tom Eastep
|
4a05571e7e
|
Add forward prototype for process_macro()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 08:00:15 -08:00 |
|
Tom Eastep
|
b89e05740d
|
Insure that nested zone exclusions go in the proper place in raw PREROUTING
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 14:49:21 -08:00 |
|
Tom Eastep
|
3040156981
|
Add SWITCH column to the conntrack file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 14:20:56 -08:00 |
|
Tom Eastep
|
54dadcc546
|
Ensure that zone-specific rules come before 'all' rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 14:20:30 -08:00 |
|
Tom Eastep
|
952aed225d
|
Improve handling of 'all' in the conntrack file.
- Also added 'all-' to represent all off-firewall zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 13:07:01 -08:00 |
|
Tom Eastep
|
7bfbf522bc
|
Document that parameters are allowed in default actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 11:12:55 -08:00 |
|
Tom Eastep
|
1efd47a7e9
|
Apply Tuomo Soini's fix for RHEL5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 10:34:00 -08:00 |
|
Tom Eastep
|
c0a2f19500
|
Add an Audit action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 10:24:14 -08:00 |
|
Tom Eastep
|
374489c3cf
|
Revert "Fix RHEL5 issue with route marking."
This reverts commit 77f342b0e0 .
|
2012-11-21 10:19:24 -08:00 |
|
Tom Eastep
|
77f342b0e0
|
Fix RHEL5 issue with route marking.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 09:08:15 -08:00 |
|
Tom Eastep
|
8f52c9744e
|
Correct some issues with default action macros.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 08:29:35 -08:00 |
|
Tom Eastep
|
1957af04fd
|
Don't create a _weight file for an optional non-provider interface.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-20 16:10:30 -08:00 |
|
Tom Eastep
|
a0faba2a03
|
Correct interface/provider handling.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-20 13:27:15 -08:00 |
|
Tom Eastep
|
c798200b20
|
Another correction to CHECKSUM detection.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-20 10:09:28 -08:00 |
|
Tom Eastep
|
67ae9df0f8
|
Correct handling of unknown interfaces in TC.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-20 08:07:42 -08:00 |
|
Tom Eastep
|
ebb4e1f6e4
|
Don't generate start/stop functions for wildcard optional interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-20 07:06:27 -08:00 |
|
Tom Eastep
|
f458e99390
|
Correct the compiler's CHECKSUM detection
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-20 06:59:40 -08:00 |
|
Tom Eastep
|
5b049d7e9e
|
Improve readability in Rules module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-20 06:59:13 -08:00 |
|
Tom Eastep
|
3b20c0db54
|
Allow Macros to be used as Default Actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 16:52:10 -08:00 |
|
Tom Eastep
|
0d8931e49f
|
Don't use ':' as a join character in contatenated macro ACTION expansion.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 12:58:29 -08:00 |
|
Tom Eastep
|
47791add99
|
Fix formatting of a line of code.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 12:30:25 -08:00 |
|
Tom Eastep
|
be587726f4
|
Merge branch '4.5.9'
|
2012-11-19 08:22:05 -08:00 |
|
Tom Eastep
|
60a509c926
|
Add new macros and alphabetize the ACTION list in the rules manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 08:19:12 -08:00 |
|
Tom Eastep
|
b25ece75de
|
Don't leave temporary chain in the raw table when LOAD_HELPERS_ONLY=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 08:18:32 -08:00 |
|
Tom Eastep
|
e9ef03f723
|
Add a ULOG Macro.
- Also remove 'DEFAULT' from NFLOG macro.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 07:15:50 -08:00 |
|
Tom Eastep
|
0db7b6c58a
|
Don't require a parameter with '&'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 15:45:58 -08:00 |
|
Tom Eastep
|
57e913d86e
|
Merge branch '4.5.9'
|
2012-11-18 15:02:46 -08:00 |
|
Tom Eastep
|
263f4e57cb
|
Add an NFLOG Macro
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 14:52:53 -08:00 |
|
Tom Eastep
|
a4294658b6
|
Add a capability to use log levels as a target.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 14:50:59 -08:00 |
|
Tom Eastep
|
65e1b1c9e7
|
Allow NFLOG as a target
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 13:15:24 -08:00 |
|
Tom Eastep
|
a07cfb0885
|
Allow NFLOG as a target
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 13:13:43 -08:00 |
|
Tom Eastep
|
9dac330756
|
Remove references to USE_ACTIONS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 13:13:20 -08:00 |
|
Tom Eastep
|
dfd02c932e
|
Correct typo in shorewall(8) and shorewall6(8).
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 13:12:03 -08:00 |
|
Tom Eastep
|
c6ffdd67e2
|
Add DROP target to the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 11:35:40 -08:00 |
|
Tom Eastep
|
5265cd5bb7
|
Add UNTRACKED match to the secmarks file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 11:01:49 -08:00 |
|
Tom Eastep
|
ab381ed95e
|
Expand the description of enable/disable on optional non-provider interfaces.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 09:01:38 -08:00 |
|