Tom Eastep
1b3d7947b8
Update the .conf file before validating ('update' command)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 12:31:58 -07:00
Tom Eastep
ba7d5fd720
Avoid two-stage processing of shorewall.conf when not updating.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 10:56:25 -07:00
Tom Eastep
106ba52362
Change signature of get_action_params
...
- Accepts a number of parameters rather than a list
- Change action.Drop and action.Reject accordingly
- Define correct number of parameter variables in action.Drop and action.Reject
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 08:27:01 -07:00
Tom Eastep
0d2e2a14d3
Document additional parameters to standard default actions and DEFAULT in macro files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 08:05:13 -07:00
Tom Eastep
62a75cb98d
Fix parameterization of standard default actions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 07:51:42 -07:00
Tom Eastep
b43bee2c62
Streamline PERL in action.Drop and action.Reject
...
- Rename read_action_param => get_action_params
- Allow it to accept a list of indexes and to return a list
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 06:53:15 -07:00
Tom Eastep
bbf853bd1d
Cleaner handling of DEFAULTS in a non-action context
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 06:11:20 -07:00
Tom Eastep
ece598288f
Disallow DEFAULTS in the rules file
2011-06-21 21:00:08 -07:00
Tom Eastep
d51ca478bd
Reverse one hunk from empty-parameter fix
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-21 11:45:32 -07:00
Tom Eastep
fe9e2ba28d
Correct error message
2011-06-20 19:47:33 -07:00
Tom Eastep
063e21e69f
Allow an empty parameter list in an action (e.g., "Action()")
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 19:45:01 -07:00
Tom Eastep
71d88b93a0
Make IPv6 Dynamic Zone set names unique
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 17:22:34 -07:00
Tom Eastep
7b2cbf2449
Make 'show dynamic <zone>' work correctly with new ipset program
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 17:22:04 -07:00
Tom Eastep
39e74911d8
Improve generated code
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 14:34:26 -07:00
Tom Eastep
ec28bdb5a0
Document Shorewall6 support for dynamic zones.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 14:33:49 -07:00
Tom Eastep
44cbfd8f27
Correct defects found while unit testing IPv6 Dynamic Zones
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 13:33:25 -07:00
Tom Eastep
119d38c92b
Enable dynamic zones for IPv6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 10:41:29 -07:00
Tom Eastep
785de281b5
More IPv6 ipset fixes
...
- use 'family inet6' rather than 'family ipv6'
- Correct one more case of 'iphash' vs 'hash:ip family inet6'
- Encapsulate ipset -N into an 'ensure_ipset()' function
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 07:43:32 -07:00
Tom Eastep
4c2f12e645
Some whitespace changes
2011-06-19 19:08:32 -07:00
Tom Eastep
e4bcc12301
Use 'here documents' rather than single quotes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 18:33:10 -07:00
Tom Eastep
2097d0f4a0
Accomodate new syntax of ipset saved commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 14:06:42 -07:00
Tom Eastep
46d64e39d1
Use correct syntax to create IPv6 ipsets.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 14:04:53 -07:00
Tom Eastep
be6b08f835
Be sure to detect IPSET_MATCH before OLD_IPSET_MATCH.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 13:29:10 -07:00
Tom Eastep
d12336ec78
Reword 'update' description.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 13:28:17 -07:00
Tom Eastep
ee384d03ce
Allow Shorewall-init to save/restore ipset contents
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 10:10:59 -07:00
Tom Eastep
7753f798b0
Bump Version to Beta 3
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 10:09:53 -07:00
Tom Eastep
2769b09f64
Correct typeos in shorewall and shorwall6
2011-06-19 08:39:44 -07:00
Tom Eastep
c264aaae6b
Update module versions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 07:41:26 -07:00
Tom Eastep
4916610033
Rename upgrade => update
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 07:14:27 -07:00
Tom Eastep
df2f7ec6a5
Implement 'upgrade' and delete the '-u' and '-a' options of 'check'.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 17:39:44 -07:00
Tom Eastep
55242d1ed6
Add a few comments
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 16:55:00 -07:00
Tom Eastep
d66c7d478e
Eliminate expansion of shell variables in the upgraded config file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 16:33:41 -07:00
Tom Eastep
380443f26d
Eliminate %defaults
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 15:44:07 -07:00
Tom Eastep
faeb2da2ba
Corrections to Defaults
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 15:38:08 -07:00
Tom Eastep
f93ac02bfc
Provide default values for added entries
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 14:50:07 -07:00
Tom Eastep
96f6dc3558
More defined => supplied changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 13:08:26 -07:00
Tom Eastep
6f2cc31dde
Implement .conf file upgrade
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 13:03:55 -07:00
Tom Eastep
e5d8be5aa5
Bump version to Beta 2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 11:23:43 -07:00
Tom Eastep
d23f932ebe
Don't generate INPUT hairpin rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 06:21:36 -07:00
Tom Eastep
f9ee8c494d
Exempt wildcard interfaces from sfilter
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-14 06:45:22 -07:00
Tom Eastep
9aedd407cc
Quell compiler warnings from Perl 5.14.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-13 06:40:03 -07:00
Tom Eastep
10ae91b600
Delete deprecated options from the .conf files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-12 13:46:26 -07:00
Tom Eastep
8780aff7f2
Rename PLAIN->ANNOTATED
2011-06-12 09:45:50 -07:00
Tom Eastep
65d4709372
Drop IPv6 IPSET support for now
2011-06-12 09:14:33 -07:00
Tom Eastep
785bd7c987
Apply Tuomo Soini's patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-12 07:22:26 -07:00
Tom Eastep
9ab901927f
Use supplied() where appropriate
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 16:14:31 -07:00
Tom Eastep
774aac1228
Add a supplied() function
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 15:40:55 -07:00
Tom Eastep
b7a3142620
Document parameterized default actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 15:25:48 -07:00
Tom Eastep
a60fe6e665
Allow parameters to be specified to Default Actions in the policy file
...
and in shorewall.conf.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 14:58:54 -07:00
Tom Eastep
68bf99ec69
Parameterize the standard default actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 08:34:37 -07:00