Tom Eastep
|
2bb143b28c
|
Save/restore nat OUTPUT jump to DOCKER
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-04 12:21:45 -08:00 |
|
Tom Eastep
|
99f83da3ab
|
Avoid duplicate rules after reload
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-04 11:09:53 -08:00 |
|
Tom Eastep
|
89e3e959dc
|
Revert bad change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-04 10:20:55 -08:00 |
|
Tom Eastep
|
9e41264671
|
Go back to generating docker0 rules when it is defined to Shorewall
- Avoids issues after 'stop'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-04 09:27:47 -08:00 |
|
Tom Eastep
|
3fb715740d
|
Avoid duplicated code blocks in save_dynamic_chains()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-04 09:27:04 -08:00 |
|
Tom Eastep
|
ed6ff96aa0
|
Replace another $VARDIR instance
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-03 14:11:57 -08:00 |
|
Tom Eastep
|
18dac19d86
|
Remove dead code from save_dynamic_chains()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-03 14:09:55 -08:00 |
|
Tom Eastep
|
d5ea876e93
|
Replace $VARDIR with ${VARDIR} for consistency
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-03 11:54:14 -08:00 |
|
Tom Eastep
|
f7a6ad1412
|
Clean up formatting in define_firewall() and stop_firewall()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-03 09:24:43 -08:00 |
|
Tom Eastep
|
b279869629
|
Fix DOCKER issue
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-02 20:59:44 -08:00 |
|
Tom Eastep
|
c56ba534d6
|
Yet more PAGER fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-02 12:34:39 -08:00 |
|
Tom Eastep
|
90d254f0c3
|
Add PAGER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-02 08:32:49 -08:00 |
|
Tom Eastep
|
a95de8d092
|
Page the output of verbose commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-01 15:12:54 -08:00 |
|
Tom Eastep
|
68cce5ff73
|
Eliminate some sillyness in normalize_action()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-29 11:17:15 -08:00 |
|
Tom Eastep
|
1c1881859f
|
Delete untrue comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-29 08:45:47 -08:00 |
|
Tom Eastep
|
5b163e9bc2
|
Save/restore docker0 rules when it isn't defined to Shorewall
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-27 14:09:29 -08:00 |
|
Tom Eastep
|
71d64ab380
|
Add DOCKER network support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-27 13:36:47 -08:00 |
|
Tom Eastep
|
36d8518562
|
Code compaction
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-26 13:13:56 -08:00 |
|
Tom Eastep
|
6c88eb6916
|
Add an ECN action to shorewall-mangle(8)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-26 09:33:16 -08:00 |
|
Tom Eastep
|
6e1cc0f1d0
|
Correct stop/start Docker handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-25 13:37:44 -08:00 |
|
Tom Eastep
|
ee5ef07035
|
Correct another silly typo -- this time in allowBcast()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-24 14:58:10 -08:00 |
|
Tom Eastep
|
3c8696b91d
|
Correct silly typo in setup_ecn()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-24 09:35:13 -08:00 |
|
Tom Eastep
|
fd4de0c66a
|
Create more compact DOCKER conditional rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-22 14:46:35 -08:00 |
|
Tom Eastep
|
49536562e2
|
Emit more compact code when conditionally adding DOCKER chains
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-22 13:49:22 -08:00 |
|
Tom Eastep
|
36b6863b02
|
Update copyright date on lib.core
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-22 13:48:48 -08:00 |
|
Tom Eastep
|
63b501996e
|
Require ADDRTYPE for DOCKER=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-21 12:26:39 -08:00 |
|
Tom Eastep
|
7a9e9ad945
|
Decommit DOCKER=Yes in IPv6.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-21 12:03:41 -08:00 |
|
Tom Eastep
|
f4312a38b9
|
Add all Docker rules in the stopped state
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-21 10:33:45 -08:00 |
|
Tom Eastep
|
fc6a1f6d0d
|
Don't create Docker chains/rules if Docker isn't running
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-21 09:54:37 -08:00 |
|
Tom Eastep
|
83b899b030
|
Save/Restore Docker-generated rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-20 14:02:54 -08:00 |
|
Tom Eastep
|
61f6cacc30
|
Infrastructure required by Docker
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-20 14:01:48 -08:00 |
|
Tom Eastep
|
caba1cd770
|
DOCKER=Yes requires IPTABLES_S
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-20 10:03:06 -08:00 |
|
Tom Eastep
|
4306ff1029
|
Correct 'save_dynamic_chains'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-20 09:57:11 -08:00 |
|
Tom Eastep
|
663f82c158
|
Move nat POSTROUTING rules to SHOREWALL if DOCKER=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-20 09:24:06 -08:00 |
|
Tom Eastep
|
e66d9f6547
|
Add DOCKER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-19 17:42:54 -08:00 |
|
Tom Eastep
|
f33f333937
|
Make 'default' and 'none' case insensitive in the GATEWAY column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-17 15:25:46 -08:00 |
|
Tom Eastep
|
94cfe54f92
|
Allow routing tables with no default route
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-17 11:49:09 -08:00 |
|
Tom Eastep
|
8ac0f96029
|
Delete blank line
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-09 18:20:00 -08:00 |
|
Tom Eastep
|
894a98f24e
|
Improve optimizer handling of origin during rule merge
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-04 12:00:05 -08:00 |
|
Tom Eastep
|
bd9e8142b9
|
Ensure that the chain origin is used when there is no rule origin
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-03 10:43:10 -08:00 |
|
Tom Eastep
|
916a392fb0
|
Improve chain-completion rule tracking
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-02-02 14:57:47 -08:00 |
|
Tom Eastep
|
28983a0194
|
Add comment describing the origin member of a rule
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-31 09:29:24 -08:00 |
|
Tom Eastep
|
2cd098ba31
|
Update heading versions and copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 13:46:34 -08:00 |
|
Tom Eastep
|
9188f7efa3
|
Don't export shortlineinfo2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 13:38:26 -08:00 |
|
Tom Eastep
|
95a029316a
|
Improve get_keys*()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 12:51:23 -08:00 |
|
Tom Eastep
|
d4bea3d3ec
|
Optimize TRACK_RULES handling in the Chains module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 11:38:48 -08:00 |
|
Tom Eastep
|
6085c6092f
|
Add origin comments to command-mode rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 10:58:09 -08:00 |
|
Tom Eastep
|
48df3d9627
|
Add origin member to the providers table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 10:34:36 -08:00 |
|
Tom Eastep
|
94442abfcf
|
Correct check for duplicate interface in providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-28 10:34:16 -08:00 |
|
Tom Eastep
|
86f2e23f33
|
Invoke add_irule_extended rather than a hack that predated that function
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 19:01:23 -08:00 |
|
Tom Eastep
|
6e9d5f45ec
|
Avoid spurious comment in jump to interface option chains.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 16:50:03 -08:00 |
|
Tom Eastep
|
039fd6ddd8
|
Move origin handling into log_[i]rule_limit
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 14:24:56 -08:00 |
|
Tom Eastep
|
57288086bf
|
Unify TRACK_RULES handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 12:55:21 -08:00 |
|
Tom Eastep
|
f999acda63
|
Eliminate shortlineinfo1()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-27 10:21:08 -08:00 |
|
Tom Eastep
|
b4723da07c
|
Eliminate $globals{TRACK_GLOBALS}
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-26 16:45:47 -08:00 |
|
Tom Eastep
|
3860a1dc72
|
Ensure that %origin is populated
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-26 16:31:04 -08:00 |
|
Tom Eastep
|
e756820ca1
|
Revert "Unify TRACK_RULES settings implementation"
This reverts commit 866cb04cbb .
|
2016-01-26 11:49:26 -08:00 |
|
Tom Eastep
|
866cb04cbb
|
Unify TRACK_RULES settings implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-25 18:07:46 -08:00 |
|
Tom Eastep
|
6ef136a546
|
Add origin information for entries in shorewall[6].conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-25 15:49:18 -08:00 |
|
Tom Eastep
|
9b3b4579a2
|
Change TRACK_RULES setting from Internal to File
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-24 16:15:36 -08:00 |
|
Tom Eastep
|
3e404b765f
|
Make .ip[6]tables-restore-input comments conditional
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 17:04:52 -08:00 |
|
Tom Eastep
|
2235641c9f
|
Add origin to the ip[6]tables input.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 15:13:12 -08:00 |
|
Tom Eastep
|
3fe4619f66
|
Fix origin in interfaces and hosts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 13:49:52 -08:00 |
|
Tom Eastep
|
247698a14d
|
Add origin in some rules from the Misc module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 12:31:53 -08:00 |
|
Tom Eastep
|
73b20c832c
|
Add 'origin' member to rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-23 10:45:26 -08:00 |
|
Tom Eastep
|
8ac754caed
|
Add 'origin' member to the interface and hosts tables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-21 17:08:19 -08:00 |
|
Tom Eastep
|
1abb77d66d
|
Remove restrictions on -m geoip
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-18 22:30:15 -08:00 |
|
Tom Eastep
|
a28f3012d5
|
Correct $VERSION setting in Raw.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-18 09:38:35 -08:00 |
|
Tom Eastep
|
7d443b5e2e
|
Eliminate return value from process_action()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-18 09:08:35 -08:00 |
|
Tom Eastep
|
a945b3e0dd
|
Tweak the process_action() changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 17:03:46 -08:00 |
|
Tom Eastep
|
ec6c233666
|
Centralize Rules module handling of @CALLER in actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 16:29:35 -08:00 |
|
Tom Eastep
|
4059e9de95
|
Clean up use_policy_action()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 12:35:12 -08:00 |
|
Tom Eastep
|
1ee645cd79
|
Another determinism fix -- red and codel options are now sorted
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 09:50:34 -08:00 |
|
Tom Eastep
|
1fedb26f1d
|
Handle @CALLER in policy chains
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-17 09:42:01 -08:00 |
|
Tom Eastep
|
031371f259
|
Improve maintainability of action-tuple code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-16 17:26:16 -08:00 |
|
Tom Eastep
|
742c15b289
|
Improve @CALLER fix to create unique chains per caller
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-16 17:12:03 -08:00 |
|
Tom Eastep
|
726d1492cd
|
Correct error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-13 17:08:57 -08:00 |
|
Tom Eastep
|
12513e24a3
|
Revert "Implement dynamic actions"
This reverts commit 8075ba719a .
|
2016-01-13 11:04:41 -08:00 |
|
Tom Eastep
|
21765d618d
|
Create unique chains when @caller is used
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-13 11:04:23 -08:00 |
|
Tom Eastep
|
de21c59885
|
Correct hashlimit in logging rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-13 09:49:22 -08:00 |
|
Tom Eastep
|
8075ba719a
|
Implement dynamic actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-13 09:33:38 -08:00 |
|
Tom Eastep
|
3828eb856b
|
Rename HADIVERT to DIVERTHA
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-08 15:36:10 -08:00 |
|
Tom Eastep
|
ad2f20b824
|
Finish HAProxy support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-06 09:12:33 -08:00 |
|
Tom Eastep
|
4c33c2b957
|
Add support for HAProxy
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-06 08:27:50 -08:00 |
|
Tom Eastep
|
2f59ea5ca3
|
Implement the WAIT_OPTION capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-05 09:28:24 -08:00 |
|
Tom Eastep
|
e695e08009
|
A couple of corrections to the IP[6]TABLE transparency change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-04 14:13:58 -08:00 |
|
Tom Eastep
|
c91b78a875
|
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
|
2016-01-04 13:10:48 -08:00 |
|
Tom Eastep
|
70a9240de6
|
Make IP[6]TABLES transparent
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-04 13:10:03 -08:00 |
|
Tom Eastep
|
06dd5dc38f
|
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
|
2016-01-02 12:37:43 -08:00 |
|
Tom Eastep
|
fad41e262a
|
Support the DROP command in the mangle file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-01-02 12:36:38 -08:00 |
|
Tom Eastep
|
694dc64900
|
Allow comma in disposition when LOGTAGONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-12-23 09:06:43 -08:00 |
|
Tom Eastep
|
54b6488113
|
Allow a timeout to be specified in ADD rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-12-23 08:24:00 -08:00 |
|
Tom Eastep
|
8429f68897
|
Handle MAC addresses in IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-12-07 15:15:28 -08:00 |
|
Tom Eastep
|
3ddc2a8f8b
|
Add parentheses for readability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-12-07 08:02:35 -08:00 |
|
Tom Eastep
|
e75c88219f
|
Start optional interfaces when there are no providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-11-05 18:07:31 -08:00 |
|
Tom Eastep
|
460f4bc5b7
|
Correct defect in processing the 'persistent' route option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-31 08:15:10 -07:00 |
|
Tom Eastep
|
5a3589b9a6
|
Add some comments in get_params()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-30 08:18:45 -07:00 |
|
Tom Eastep
|
3973cdf0da
|
Merge branch '5.0.1'
|
2015-10-28 14:35:27 -07:00 |
|
Tom Eastep
|
e39d405e86
|
More tweaks to params processing and exporting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-28 14:33:55 -07:00 |
|
Tom Eastep
|
239560be8d
|
Add Cygwin-specific code in get_params()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-28 13:47:40 -07:00 |
|
Tom Eastep
|
3873ebe06a
|
More param handling fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-28 09:37:52 -07:00 |
|
Tom Eastep
|
081cf30447
|
Don't export variables with parentheses in their names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-27 17:45:22 -07:00 |
|
Tom Eastep
|
c2768a2d64
|
Correct error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-26 13:08:09 -07:00 |
|
Tom Eastep
|
4f4358d4db
|
Correct error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-26 13:07:40 -07:00 |
|
Tom Eastep
|
f822afef99
|
Issue warning if a persistent provider isn't optional
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-26 13:07:28 -07:00 |
|
Tom Eastep
|
56bf8b1572
|
Don't configure persistence if the interface has no address
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-26 07:42:47 -07:00 |
|
Tom Eastep
|
69dd7ce0b9
|
Add 'persistent' provider option - Phase II
- Also allow the creation of 'persistent' routing rules and routes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-25 16:45:11 -07:00 |
|
Tom Eastep
|
46c3db4f32
|
Add 'persistent' provider option - Phase I
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-22 06:58:32 -07:00 |
|
Tom Eastep
|
8dc16268a7
|
Delete main default routes when there are 'load=' or 'fallback=' interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-13 09:34:58 -07:00 |
|
Tom Eastep
|
7388ff5154
|
Fix RESTART
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-12 14:08:24 -07:00 |
|
Tom Eastep
|
72d4637c22
|
Replace LEGACY_RESTART with RESTART
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-12 11:45:58 -07:00 |
|
Tom Eastep
|
bb538a7c10
|
Merge branch 'master' into 5.0.0
Conflicts:
Shorewall-core/lib.common
Shorewall-core/shorewallrc.debian.systemd
Shorewall-lite/shorewall-lite.service.debian
Shorewall/Perl/Shorewall/Chains.pm
Shorewall/Perl/Shorewall/Compiler.pm
Shorewall/Perl/Shorewall/Config.pm
Shorewall/Perl/Shorewall/Misc.pm
Shorewall/Perl/Shorewall/Raw.pm
Shorewall/Perl/Shorewall/Tc.pm
Shorewall/Perl/compiler.pl
Shorewall/Perl/prog.footer
Shorewall/lib.cli-std
Shorewall/manpages/shorewall-mangle.xml
Shorewall/manpages/shorewall.conf.xml
Shorewall/manpages/shorewall.xml
Shorewall/shorewall.service.debian
Shorewall6-lite/shorewall6-lite.service.debian
Shorewall6/manpages/shorewall6-mangle.xml
Shorewall6/manpages/shorewall6.conf.xml
Shorewall6/manpages/shorewall6.xml
Shorewall6/shorewall6.service.debian
docs/MultiISP.xml
docs/Shorewall_Squid_Usage.xml
|
2015-10-12 10:55:36 -07:00 |
|
Tom Eastep
|
97e821d12d
|
Use %e rather than %_d for busybox compatibility
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-08 13:16:32 -07:00 |
|
Tom Eastep
|
af18896851
|
Remove options from 'update' warning messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-10-05 08:19:09 -07:00 |
|
Tom Eastep
|
85e44c70eb
|
Add the Meta-connection to Tinc
- Both the macro and the tunnel type are updated
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-17 09:17:35 -07:00 |
|
Tom Eastep
|
888444f210
|
Add the Meta-connection to Tinc
- Both the macro and the tunnel type are updated
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-17 09:16:33 -07:00 |
|
Tom Eastep
|
03d99de8d5
|
Correct handling of reset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-11 15:02:32 -07:00 |
|
Tom Eastep
|
1b571f3d86
|
Correct the reset command
- Also allow chain names to be specified a la the refresh command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-11 14:16:16 -07:00 |
|
Tom Eastep
|
7be4190e4c
|
Man page updates for the PROBABILITY column in the masq files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-08 18:00:53 -07:00 |
|
Tom Eastep
|
ddb325a662
|
Code changes for a PROBABILITY column in the masq file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-08 17:20:46 -07:00 |
|
Tom Eastep
|
e8ebfb5a11
|
Correct PSH,FIN check
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-07 15:46:14 -07:00 |
|
Tom Eastep
|
242080c59c
|
Rename SMALL_MASK to SMALL_MAX
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-07 13:10:44 -07:00 |
|
Tom Eastep
|
0aa5cb5086
|
Allow non-experts to use the user bits in the fw mark
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-07 11:35:47 -07:00 |
|
Tom Eastep
|
4b14924b99
|
Allow non-experts to use the user bits in the fw mark
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-07 11:29:24 -07:00 |
|
Tom Eastep
|
17d1caf8c5
|
Allow tags in global LOG_LEVELs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-06 16:08:59 -07:00 |
|
Tom Eastep
|
fcd5b30ca8
|
Add FIN,RST and PSH,FIN to the tcpflags set
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-06 11:49:29 -07:00 |
|
Tom Eastep
|
e6ec52c711
|
Move a line of code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-06 10:33:36 -07:00 |
|
Tom Eastep
|
eddd58d459
|
Move a line of code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-06 10:33:09 -07:00 |
|
Tom Eastep
|
1bf13e5fda
|
Provide default for SHOREWALL_SHELL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-06 10:29:36 -07:00 |
|
Tom Eastep
|
dbf2c89083
|
Provide default for SHOREWALL_SHELL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-06 10:28:44 -07:00 |
|
Tom Eastep
|
6554f7fe28
|
Disable bare SECTION in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-04 11:16:07 -07:00 |
|
Tom Eastep
|
8f86e2df19
|
Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-02 13:07:33 -07:00 |
|
Tom Eastep
|
59aeafba3a
|
Delimit inline matches by ';;'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-02 10:24:31 -07:00 |
|
Tom Eastep
|
9e98d30c92
|
Correct handling of log levels with default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-02 08:55:18 -07:00 |
|
Tom Eastep
|
582755edf4
|
Unconditionally get inline matches
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-02 08:03:22 -07:00 |
|
Tom Eastep
|
c6ec9990e7
|
Unconditionally get inline matches
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-02 08:02:02 -07:00 |
|
Tom Eastep
|
dea1f853ea
|
Correct progress messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-01 12:42:01 -07:00 |
|
Tom Eastep
|
a30708519d
|
Correct progress messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-09-01 11:57:28 -07:00 |
|
Tom Eastep
|
f5d9e87c59
|
Remove anacronistic logic from the Rules module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-31 16:02:22 -07:00 |
|
Tom Eastep
|
ed90360b4c
|
Remove all of the update-specific options from the update command
Leave -i and -A
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-31 14:21:41 -07:00 |
|
Tom Eastep
|
6a374b80e0
|
Correct INLINE handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-31 12:36:05 -07:00 |
|
Tom Eastep
|
9638033e24
|
Cosmetic changes to first_entry() calls
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
|
2015-08-31 11:33:32 -07:00 |
|
Tom Eastep
|
87ef6f730f
|
Correct a typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-31 11:21:37 -07:00 |
|
Tom Eastep
|
53223e1440
|
Uniform mechanism for inserting conversion comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
|
2015-08-31 11:21:18 -07:00 |
|
Tom Eastep
|
9b886a99af
|
Fix $convert/$tcrules mess
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
|
2015-08-31 11:19:42 -07:00 |
|
Tom Eastep
|
c77d18965a
|
Place a header in a created mangle file during update -t
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
|
2015-08-31 11:16:45 -07:00 |
|
Tom Eastep
|
5a6586e06c
|
Don't enforce FASTACCEPT/BLACKLISTNEWONLY on convert
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-31 11:14:49 -07:00 |
|
Tom Eastep
|
df73f4b925
|
Assume EXPORTMODULES=No if it doesn't exist in old file during update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-31 11:14:26 -07:00 |
|
Tom Eastep
|
be81ace811
|
Read capabilities file before the .conf file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-31 11:11:25 -07:00 |
|
Tom Eastep
|
e15a6f452e
|
Cosmetic changes to first_entry() calls
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-31 10:54:30 -07:00 |
|
Tom Eastep
|
656eaabce9
|
Correct a typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-31 09:39:40 -07:00 |
|
Tom Eastep
|
f42dc6def1
|
Uniform mechanism for inserting conversion comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-30 15:35:05 -07:00 |
|
Tom Eastep
|
6e303aef69
|
Fix $convert/$tcrules mess
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-29 18:52:11 -07:00 |
|
Tom Eastep
|
ab260dc5b1
|
Place a header in a created mangle file during update -t
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-29 12:52:21 -07:00 |
|
Tom Eastep
|
55ab498291
|
Don't enforce FASTACCEPT/BLACKLISTNEWONLY on convert
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-29 12:51:52 -07:00 |
|
Tom Eastep
|
de74273dbb
|
Assume EXPORTMODULES=No if it doesn't exist in old file during update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-27 15:15:03 -07:00 |
|
Tom Eastep
|
af1e2f6c8b
|
Read capabilities file before the .conf file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-27 11:26:26 -07:00 |
|
Tom Eastep
|
dc2406d25b
|
update -t also converts the 'tos' file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-26 13:51:02 -07:00 |
|
Tom Eastep
|
e0734a45ee
|
Allow 'seconds' and 'minutes' in LOGLIMIT specifications
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-26 12:53:36 -07:00 |
|
Tom Eastep
|
28df894add
|
Improve 'update'
- convert BLACKLISTNEWONLY
- convert LOGRATE and LOGBURST
- default USE_DEFAULT_RT to No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-26 12:50:56 -07:00 |
|
Tom Eastep
|
b0bf726c7e
|
Let 'update' default USE_DEFAULT_RT to 'No'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-26 12:40:16 -07:00 |
|
Tom Eastep
|
ad06ec3eef
|
Correct IPV6 range parsing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-26 11:52:51 -07:00 |
|
Tom Eastep
|
71611233fb
|
Correct IPV6 range parsing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-26 11:51:29 -07:00 |
|
Tom Eastep
|
7a98c7b9e5
|
More 'update' fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-25 15:55:49 -07:00 |
|
Tom Eastep
|
dc73832570
|
Delete unneeded 'my'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-25 14:36:53 -07:00 |
|
Tom Eastep
|
f5d1ec0243
|
Delete EXPORTPARAMS from %config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-25 14:36:14 -07:00 |
|
Tom Eastep
|
f9ae28aeea
|
The -t option also converts the 'tos' file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-24 14:56:24 -07:00 |
|
Tom Eastep
|
f4776bf388
|
Eliminate WIDE_TC_MARKS, HIGH_ROUTE_MARKS and BLACKLISTNEWONLY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-21 12:42:19 -07:00 |
|
Tom Eastep
|
80acdd2836
|
Disallow bare COMMENT, SECTION and FORMAT lines
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-21 11:18:40 -07:00 |
|
Tom Eastep
|
40d1d86d2c
|
Drop support for the 'tos' file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-20 15:35:03 -07:00 |
|
Tom Eastep
|
5af5c67c75
|
Update a message to refer to the 'mangle' file rather than 'tcrules'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-20 14:54:54 -07:00 |
|
Tom Eastep
|
7956c5f6e0
|
Update a message to refer to the 'mangle' file rather than 'tcrules'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-20 14:48:29 -07:00 |
|
Tom Eastep
|
82330395e9
|
Correct grammer in an error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-20 09:25:32 -07:00 |
|
Tom Eastep
|
9f2958fd27
|
Correct wording of an error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-20 09:21:20 -07:00 |
|
Tom Eastep
|
39982c20c4
|
Restore the text of tcrules warning message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-19 12:34:35 -07:00 |
|
Tom Eastep
|
2b1f33c391
|
Don't unlink the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-19 11:48:23 -07:00 |
|
Tom Eastep
|
1c33717cf5
|
Reverse the change to delete host routes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-19 11:06:28 -07:00 |
|
Tom Eastep
|
cd8fe38c85
|
Delete host routes added to the main routing table for providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-19 10:44:37 -07:00 |
|
Tom Eastep
|
d525419c65
|
Correct wording of an error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-19 10:44:00 -07:00 |
|
Tom Eastep
|
9d3f35a22d
|
Enable new update options in compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-16 11:57:36 -07:00 |
|
Tom Eastep
|
6bdf90631c
|
Fix a couple of bugs in 5.0.0
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-16 10:05:21 -07:00 |
|
Tom Eastep
|
c604823053
|
Default to FORMAT-2 macros and actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-14 16:11:41 -07:00 |
|
Tom Eastep
|
12f8cbae29
|
Correct the test for the existence of the routestopped file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-14 15:29:52 -07:00 |
|
Tom Eastep
|
4de6638385
|
Correct handling of termination after .conf file not updated
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-14 09:32:27 -07:00 |
|
Tom Eastep
|
0cef7fad35
|
Add conversion version and date to the converted files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-14 09:32:17 -07:00 |
|
Tom Eastep
|
ea2a35415e
|
Correct convert_blacklist()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-14 09:32:01 -07:00 |
|
Tom Eastep
|
4cc7a1b87d
|
Correct tcrules update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
|
2015-08-14 09:31:36 -07:00 |
|
Tom Eastep
|
7c2a969de0
|
Correct handling of notrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-14 09:26:45 -07:00 |
|
Tom Eastep
|
fd46c0ffed
|
Correct handling of termination after .conf file not updated
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-13 15:42:38 -07:00 |
|
Tom Eastep
|
60acddbb37
|
Add conversion version and date to the converted files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-13 14:37:13 -07:00 |
|
Tom Eastep
|
306dc34b31
|
Correct convert_blacklist()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-13 13:22:14 -07:00 |
|
Tom Eastep
|
f5c6a6fe82
|
Correct tcrules update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-13 13:21:51 -07:00 |
|
Tom Eastep
|
af2b7910bd
|
Port update changes from 5.0.0
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-12 12:33:09 -07:00 |
|
Tom Eastep
|
2ab8bd3040
|
More update fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-09 14:31:47 -07:00 |
|
Tom Eastep
|
0d635632e3
|
Add conversion of notrack to conntrack
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-08 16:46:58 -07:00 |
|
Tom Eastep
|
fb2d261cdb
|
More Fixes for update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-08 12:42:32 -07:00 |
|
Tom Eastep
|
88f9a3e255
|
Allow zero-valued options on multi-zoned interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-07 14:30:21 -07:00 |
|
Tom Eastep
|
4c4c5a436a
|
Allow zero-valued options on multi-zoned interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-07 14:09:08 -07:00 |
|
Tom Eastep
|
73c8b563a1
|
Add -s option to update to convert the routestopped file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-07 13:46:16 -07:00 |
|
Tom Eastep
|
0f61bd34e6
|
Drop support for the 'blacklist' zone option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-08-03 14:45:52 -07:00 |
|