Commit Graph

7391 Commits

Author SHA1 Message Date
Tom Eastep
3d8d5aa469
quote $LOG_LEVEL in shorewall[6].conf files
- Delete AllowICMPs from IPv4 policy action settings

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-08 14:16:24 -08:00
Tom Eastep
49811d24fa
Correct convertion of tcrules->mangle when a writable mangle exists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 15:21:45 -08:00
Tom Eastep
fe4aaee1b4
Fix typos in action.dropNotSyn
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 14:37:08 -08:00
Tom Eastep
0ec7bc846e
Correct logging in inline policy actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 13:58:14 -08:00
Tom Eastep
dbcd4d9d16
Correct typo in action.AllowICMPs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 13:57:05 -08:00
Tom Eastep
5a996cbda7
Change AllowICMPs to an inline action
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/actions.std
2017-03-07 13:56:44 -08:00
Tom Eastep
6019adaae5
Change macro.ICMPs to an inline action
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/actions.std
2017-03-07 13:54:52 -08:00
Tom Eastep
4f869c3506
More manpage updates for tcp:!syn
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 11:13:58 -08:00
Tom Eastep
e3c2874b21
Modify dropNotSyn to use {proto=6:!syn}
- also make the same change in the rejNotSyn audited case
2017-03-07 11:00:39 -08:00
Tom Eastep
e8a0142480
Document tcp:!syn support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 10:48:24 -08:00
Tom Eastep
a4768776f7
Modify rejNotSyn to use new/corrected features
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 10:34:15 -08:00
Tom Eastep
8e000b158e
Correct the handling of tcp-reset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 10:33:51 -08:00
Tom Eastep
f1d1ab6411
Implement tcp:!syn in PROTO column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 10:33:20 -08:00
Tom Eastep
cd103bb715
Correct rejNotSyn
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-06 16:01:31 -08:00
Tom Eastep
5f1370f1b4
Clear the firewall on Debian systemd 'stop' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-06 11:22:55 -08:00
Tom Eastep
dc53fa2665
Correct file/line from ?error
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-06 11:02:06 -08:00
Tom Eastep
71d9a03697
Update shorewall[6]-rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-05 14:29:57 -08:00
Tom Eastep
137d4bcc90
Alter logging behavior of Limit
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-05 13:03:57 -08:00
Tom Eastep
356d3fa2dd
Correct new directives with respect to omitting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-05 12:09:54 -08:00
Tom Eastep
80d93235b5
Eliminate builtin actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-05 12:09:33 -08:00
Tom Eastep
c1e7fce1c5
Report the file/line where action invoked
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-05 09:29:00 -08:00
Tom Eastep
63ec936f21
Remove determinism sorts 2017-03-04 19:05:33 -08:00
Tom Eastep
dabe0bd205
Set PERL_HASH_SEED to make compilation deterministic.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-04 18:48:48 -08:00
Tom Eastep
63cf7dd699
Revert "Move $test to the config module."
This reverts commit 876d76b294.
2017-03-04 18:45:40 -08:00
Matt Darfeuille
0b3a32b365
Change the preferred way to remove sysvinit script
- Correct typo in command
 - Correct spacing

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-04 09:03:59 -08:00
Tom Eastep
a7d45e9566
Restore logging to the BLACKLIST action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-03 10:14:30 -08:00
Tom Eastep
876d76b294
Move $test to the config module.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-02 11:42:07 -08:00
Tom Eastep
9075a6dd7a
Copy libs and footer when compiling for test
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-02 10:49:49 -08:00
Tom Eastep
61f5e3531c
Rename action.allowUPnP to action.allowinUPnP
- Allows 'show action allowinUPnP' to work correctly.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-02 10:05:31 -08:00
Matt Darfeuille
7ffe8e4e4b
shorewall: Document the -p option in installer
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-23 09:33:35 -08:00
Matt Darfeuille
06c6a017d5
Use a specific parameter file for systemd script
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:56:25 -08:00
Matt Darfeuille
75fd8ccb37
Use a specific parameter file for sysvinit script
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:56:21 -08:00
Matt Darfeuille
8c7e6fddfd
Use a common uninstaller for Sw and Sw6
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:56:11 -08:00
Matt Darfeuille
783e438b4a
Be more verbose while uninstalling Shorewall
- Remove version file as a file and not as a directory.

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:56:00 -08:00
Matt Darfeuille
27a620347a
shorewall: Fail if Shorewall-core is not installed
Shorewall-core's version file resides in ${SHAREDIR}/shorewall.

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:55:56 -08:00
Matt Darfeuille
a496edef54
Use a function to fail on fatal error
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:55:50 -08:00
Matt Darfeuille
22b044f350
shorewall: Use a function to install file
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:55:41 -08:00
Matt Darfeuille
c58efe7698
Unify the uninstallers
- Clean up code
 - Use the .service suffix

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:55:36 -08:00
Matt Darfeuille
f48b2e715f
Unify the installers
- Clean up code

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:55:31 -08:00
Matt Darfeuille
f6f7e691d0
Fail if the rc file can not be loaded
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:54:40 -08:00
Matt Darfeuille
a9048b63f2
Correct typos
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:54:36 -08:00
Matt Darfeuille
bc1df90829
Group comment lines with corresponding command
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:54:33 -08:00
Matt Darfeuille
09462cf92b
Use 4 octal digits as numeric mode in installers
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:54:29 -08:00
Matt Darfeuille
315d4c39b8
Create and set directory mode using a function
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:54:04 -08:00
Matt Darfeuille
42554f8f31
Add cant_autostart() to the installers's library
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:53:59 -08:00
Matt Darfeuille
f0debcb6fb
Copy only required libraries to run Shorewall
Copy only libraries that are required by Shorewall to operate properly.

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:53:54 -08:00
Matt Darfeuille
20cc56f2f1
Load uninstallers's common functions
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 17:53:39 -08:00
Matt Darfeuille
4e771083c7
Load installers's common functions
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 16:42:38 -08:00
Matt Darfeuille
a6eebc8ecf
Replace product names by product vars
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-22 16:40:41 -08:00
Tom Eastep
6966270822
Allow 'show action' on buitin actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-19 13:43:23 -08:00