Commit Graph

11346 Commits

Author SHA1 Message Date
Tom Eastep
004d0bcc38 Allow rules in the RELATED section when there are non-default settions of
the new RELATED_* options.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 13:38:11 -08:00
Tom Eastep
43913915f9 Combine the CLIs into a single 'shorewall' file.
Add lib.cli-lite and lib.cli-std to contain the functions that are different
between the full products and the lite ones.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 12:54:51 -08:00
Tom Eastep
c724e238e6 Move the bulk of command processing to lib.cli
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 07:47:34 -08:00
Tom Eastep
e762998f1e Allow spaces in the argument to the iprange command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 06:44:15 -08:00
Tom Eastep
d4957696d1 Update man pages and sample files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 17:45:09 -08:00
Tom Eastep
439af55312 Implement RELATED_DISPOSITION and RELATED_LOG_LEVEL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 16:08:17 -08:00
Tom Eastep
320cc822fe Flesh out CT description in the man pages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 13:51:18 -08:00
Tom Eastep
febe9e5222 Apply Chris Boot's fix for TC_ENABLED=Shared
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 12:22:48 -08:00
Tom Eastep
b27e2517b4 Unify capabilities detection
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 12:00:36 -08:00
Tom Eastep
94b8d07645 Correct fix for dynamic blacklisting (chain_exists())
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 07:01:16 -08:00
Tom Eastep
f56b56a59f Update 'notrack' man pages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 06:56:23 -08:00
Tom Eastep
7fcdfd6655 Fix chain_exists() from IPv4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 06:54:03 -08:00
Tom Eastep
2cffae738f Initial implementation of CT target support in the 'notrack' file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 17:15:58 -08:00
Tom Eastep
a794027f63 Implement CT capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 14:35:53 -08:00
Tom Eastep
749b893a46 Move lib modification from installation to build
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 12:04:03 -08:00
Tom Eastep
299701e466 Make /sbin/shorewall6 a symbolic link
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 10:21:33 -08:00
Tom Eastep
e7d2b1d4ed Consolidate the lib.common files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 09:19:48 -08:00
Tom Eastep
0d80b54ad9 Correct some issue with file consolidation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 13:13:25 -08:00
Tom Eastep
f89c78788f Correct a couple of syntax errors in lib.cli
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 12:41:05 -08:00
Tom Eastep
0138419cb7 Delete obsolete libs during install
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 12:28:31 -08:00
Tom Eastep
252b6580c0 Load the common libs from /sbin/shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 12:04:28 -08:00
Tom Eastep
860ce45924 Delete redundant files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 11:22:22 -08:00
Tom Eastep
4161c35108 Implement common lib.base, lib.cli and CLI for Shorewall[6][-lite]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 10:59:01 -08:00
Tom Eastep
dbf75af411 Merge branch '4.4.26' 2011-12-03 06:01:03 -08:00
Tom Eastep
bc3782c3de Pass $CONFIG_PATH to compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-02 09:31:26 -08:00
Tom Eastep
6bb487bb68 Pass $CONFIG_PATH to compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-02 07:36:23 -08:00
Tom Eastep
ecf4abaa52 Merge branch 'master' into 4.4.26
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 13:07:46 -08:00
Tom Eastep
6949135c11 Document enable/disable in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 13:04:53 -08:00
Tom Eastep
df80c6587a Document enable/disable in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 12:58:38 -08:00
Tom Eastep
7754c45a07 Merge branch 'master' into 4.4.26 2011-12-01 12:14:58 -08:00
Tom Eastep
2231f1e9da Don't deprecate 'optional' for shared providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 11:23:50 -08:00
Tom Eastep
8c6914d1a2 Don't deprecate 'optional' for shared providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 11:23:22 -08:00
Tom Eastep
a27f5655a7 Merge branch '4.4.26' 2011-12-01 10:41:22 -08:00
Tom Eastep
99bf7fb994 Don't do TC stuff during enable/disable of a shared provider
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:41:03 -08:00
Tom Eastep
568e3b2e5b Allow a provider name in addition to an interface name in enable/disable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:32:54 -08:00
Tom Eastep
8f14485d67 Allow a provider name in addition to an interface name in enable/disable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:30:42 -08:00
Tom Eastep
3110f7c74a Add enable/disable commands to the CLIs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:25:51 -08:00
Tom Eastep
d27965a4d2 Enable 'update' in shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-30 08:12:49 -08:00
Tom Eastep
d8caa6498a Add tracing to Optimize 16.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-30 07:57:19 -08:00
Tom Eastep
3581b2667e Don't install the blacklist file in /etc/shorewall[6]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-27 14:39:59 -08:00
Tom Eastep
9e149ca038 Correct default values during update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-27 14:12:51 -08:00
Tom Eastep
61d5c6d6da Implement Shorewall::Chains::clone_rule()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-26 09:36:02 -08:00
Tom Eastep
3498076a96 Accurately compare rule key values that are array references.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-26 08:03:02 -08:00
Tom Eastep
15d95b6977 Fix SAME target.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-26 07:48:03 -08:00
Tom Eastep
5cdb74168f Correct port list capture with --multiport.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-25 16:22:23 -08:00
Tom Eastep
613e41c25a Enable OPT 16 in check -r; Suppress duplicate rules 2011-11-25 16:05:07 -08:00
Tom Eastep
90e03e1833 Even more tweaks to optimize 16
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-25 14:46:37 -08:00
Tom Eastep
71bbd7963c Some tweaks to optimize 16 2011-11-25 10:42:10 -08:00
Tom Eastep
0f02b497f6 Document optimize 16 in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 11:11:59 -08:00
Tom Eastep
f305da9d0d Require extended multi-port match for OPTIMIZE 16.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 10:57:09 -08:00