Commit Graph

2139 Commits

Author SHA1 Message Date
Tom Eastep
2cbf1e86ad Allow synonyms for column names in alternate specification formats
- gateway and gateways in the tunnels file
- mark and action in the tcrules file

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:59:47 -07:00
Tom Eastep
dd8e9ff09d Fix 'COMMENT' along in the tunnels file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:58:37 -07:00
Tom Eastep
4320150dc4 Add alternate specification in tunnels file ('gateways')
- Make similar change in tcrules file with 'action'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 07:43:11 -07:00
Tom Eastep
003daec41c Remove a couple of hard-coded '/usr/share' in Shorewall::Config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-06 17:30:17 -07:00
Tom Eastep
aac00c3cc7 Pop open stack in run_user_exit1 and run_user_exit2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 10:31:55 -07:00
Tom Eastep
af228806fc Allow manual changes to be used in macros.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 08:56:26 -07:00
Tom Eastep
1d90ee174c Cleanup of ERROR/WARNING message enhancement.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 07:01:08 -07:00
Tom Eastep
3e37f47fb5 Print out the include/open stack in WARNING and ERROR messages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 17:17:55 -07:00
Tom Eastep
894931731b Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 2012-05-02 07:04:30 -07:00
Tom Eastep
731b310359 Use --hashlimit-upto when available.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-30 13:45:09 -07:00
Tom Eastep
35c08c109e Fix IPv4 'reset'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-30 07:54:40 -07:00
Tom Eastep
766771d812 Remove absurd test
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-30 07:48:07 -07:00
Tom Eastep
b9e6349994 Add some comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-29 09:07:34 -07:00
Tom Eastep
c9b4d3d8c8 Add/improve comments.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-25 09:44:08 -07:00
Tom Eastep
d904a2de86 Search and destroy trailing whitespace
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 14:52:57 -07:00
Tom Eastep
f860cd037d Change a comment in generate_matrix() to acknowledge 'KLUDGEFREE'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 13:34:56 -07:00
Tom Eastep
3bdf703522 Allow TC experts to SAVE/RESTORE all parts of the packet mark
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 09:19:38 -07:00
Tom Eastep
34f5838365 Allow multiple GATEWAYS to be listed in the tunnels file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-18 09:28:37 -07:00
Tom Eastep
2b7e5dd9d8 Suppress duplicate option when not KLUDGEFREE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-17 07:35:37 -07:00
Tom Eastep
44c8ef2ede Correct ill-advised change to push_matches()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-17 07:30:17 -07:00
Tom Eastep
aaab505006 Improve the debuggability of failed assertions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-14 17:57:49 -07:00
Tom Eastep
63a2a32b4b Suppress trailing whitespace.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-14 13:50:59 -07:00
Tom Eastep
31752d9ee1 Move macro.BLACKLIST to where it belongs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-14 08:14:45 -07:00
Tom Eastep
24e2fe4a04 Make options argument to read_a_line manditory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-14 08:04:28 -07:00
Tom Eastep
42950e53cd Use logical add rather than arithmetic add for uniformity
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 14:28:09 -07:00
Tom Eastep
ae9f538ef8 Simplify an assertion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 14:27:48 -07:00
Tom Eastep
e880d2fd84 Remove some whitespace
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 08:03:02 -07:00
Tom Eastep
e791a63671 Merge branch '4.5.2'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 07:13:40 -07:00
Tom Eastep
e263a3c27d Remove redundant logic
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 07:11:05 -07:00
Tom Eastep
0b5e30aa7b Fix INCLUDE inside an ?IF ... ?ENDIF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-10 17:27:47 -07:00
Tom Eastep
07ff3f294d Fix INCLUDE inside an ?IF ... ?ENDIF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-10 17:27:23 -07:00
Tom Eastep
6ba69c9540 Eliminate read_a_line1()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-10 17:01:38 -07:00
Tom Eastep
5ee554708c Control the proliferation of arguments to read_a_line() by using
a bit-mapped single argument.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-10 13:51:25 -07:00
Tom Eastep
623e545f09 Don't allow accounting chains to be altered when OPTIMIZE_ACCOUNTING=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-09 21:44:44 -07:00
Tom Eastep
2545322163 Cleanup of read_a_line()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-09 16:00:26 -07:00
Tom Eastep
7b511f449f Don't strip comments until after embedded Perl or Shell have been handled.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-09 15:12:13 -07:00
Tom Eastep
94097e2561 Add newlines to embedded multi-line shell and perl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-08 12:17:00 -07:00
Tom Eastep
50405f57ba Don't suppress whitespace in embedded Perl and Shell
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-08 07:54:03 -07:00
Tom Eastep
860141127a Re-enable '#' in quoted strings within embedded shell and perl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-08 07:30:46 -07:00
Tom Eastep
a2abad3f68 Modify getparams to use the installed shorewallrc file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-07 09:07:07 -07:00
Tom Eastep
c5f44d8737 Move read_a_line() prototype before first use.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-07 07:42:27 -07:00
Tom Eastep
25bca70ff2 Merge branch 'master' into 4.5.2 2012-04-07 07:39:14 -07:00
Tom Eastep
7204220991 Some more fixes to conditional inclusion.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-07 07:16:17 -07:00
Tom Eastep
97cc4930cf Deimplement option leading ? in embedded directives
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-06 16:26:05 -07:00
Tom Eastep
5688dc77a3 Make ?BEGIN PERL end ?END PERL work.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-06 15:58:21 -07:00
Tom Eastep
9dd6f86c55 Use read_a_line() in the embedded_shell() and embedded_perl() functions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-06 15:46:01 -07:00
Tom Eastep
53395e788d Add a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-06 11:49:59 -07:00
Tom Eastep
24e115d0f9 Move a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-06 08:00:20 -07:00
Tom Eastep
24d30275fa Correct syntax errors in the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-03 17:08:14 -07:00
Tom Eastep
fb428bf564 Don't modify CONFDIR and SHAREDIR in the shell code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-02 12:39:49 -07:00
Tom Eastep
348c99c7d0 Compiler changes for Shorewall[6]-lite relocation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-02 07:46:38 -07:00
Tom Eastep
85fce606dc Give all config files access to shorewallrc variables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-01 13:19:38 -07:00
Tom Eastep
bb6e17fd3e Many changes involved in getting a relocated installations to work
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-01 10:47:24 -07:00
Tom Eastep
cf176474ac Merge branch '4.5.2'
Conflicts:
	Shorewall/Perl/Shorewall/Chains.pm
2012-03-31 09:44:36 -07:00
Tom Eastep
6ed207aba0 Fix 'dhcp' with 'nets'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-31 09:30:29 -07:00
Tom Eastep
924ec49d09 Add OWNER_NAME_MATCH to do_user
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-30 16:58:38 -07:00
Tom Eastep
a4097b7a02 Correct Typo in setup_null_routing()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-30 16:57:26 -07:00
Tom Eastep
e38fcb2bfc Correct ipset creation and add a WARNING when creating an ipset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-30 16:56:43 -07:00
Tom Eastep
e09457cdf9 Correct Typo in setup_null_routing()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-27 07:46:53 -07:00
Tom Eastep
e641bf7ac2 Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 16:01:35 -07:00
Tom Eastep
8a164adf98 Export TMPDIR if it exists in the .shorewallrc file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 15:43:04 -07:00
Tom Eastep
dee20c8d74 Add OWNER_NAME_MATCH to do_user
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-25 20:18:20 -07:00
Tom Eastep
ee15baf98c Correct typo in Chains.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-25 12:48:57 -07:00
Tom Eastep
25e7555e80 Correct typo in the compiler 2012-03-25 12:36:25 -07:00
Tom Eastep
9dd9ee614b Correct ipset creation and add a WARNING when creating an ipset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-25 08:27:28 -07:00
Tom Eastep
5aed14ffdc Set PRODUCT before processing rc file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-25 07:25:15 -07:00
Tom Eastep
59aab485c3 Handle 'PRODUCT' more gracefully
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 22:21:42 -07:00
Tom Eastep
173d29969d Improve shorewallrc variable expansion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 21:34:24 -07:00
Tom Eastep
7390789b5e Add BLACKLIST Macro
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 21:33:57 -07:00
Tom Eastep
fc4aaa97c6 Expand variables in shorewallrc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 21:26:20 -07:00
Tom Eastep
eb118e4443 Add shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 13:05:39 -07:00
Tom Eastep
f4ed4109c6 Fix LENGTH handling (again)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-23 15:40:48 -07:00
Tom Eastep
398c843643 Concatenate match options when not KLUDGEFREE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-23 15:40:25 -07:00
Tom Eastep
01d07f55a9 Only include user exit basename in exported progress messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-20 07:33:32 -07:00
Tom Eastep
bdc8cb66bd Correct load_kernel_modules()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-20 07:15:47 -07:00
Tom Eastep
7bc823fb8b Support 'kerneltz'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 15:57:38 -07:00
Tom Eastep
48b7594b64 Delete prog.header*
- Move functions into lib.core with ?IF ... ?ELSE ... ?END

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 15:56:02 -07:00
Tom Eastep
88b1180817 Support ?IF in copied files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 13:38:24 -07:00
Tom Eastep
8803cd8d3b ?IF improvements
- Pass line number to make process_conditional more general
- Add debugging output
- Do first_line processing prior to looking for ?

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 12:51:22 -07:00
Tom Eastep
0063de1564 Add capabilities to conditionals
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 11:57:33 -07:00
Tom Eastep
f104596b39 Merge branch '4.5.1' 2012-03-19 10:13:08 -07:00
Tom Eastep
146d66f0aa Don't complain about SHOREWALL_INIT_SCRIPT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 09:52:55 -07:00
Tom Eastep
0ccb398cec Merge branch '4.5.1' 2012-03-19 09:22:44 -07:00
Tom Eastep
287a44be52 Allow TOS to work on RHEL5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 09:22:21 -07:00
Tom Eastep
86f3667b82 Correct nested ?IF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 08:19:32 -07:00
Tom Eastep
962b1cca1f Remove Perl diagnostic
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 07:46:45 -07:00
Tom Eastep
2026fdab6a Correct IPSET_WARNINGS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 07:44:52 -07:00
Tom Eastep
722e888043 Fix ?IF
- Allow nested ?IFs to work correctly
- Correct push logic for $ifstack

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 07:38:52 -07:00
Tom Eastep
e3997abfb9 Merge branch '4.5.2'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 07:27:53 -07:00
Tom Eastep
710687bbd6 Revert "Move conditional processing to it's own function"
This reverts commit 8262cff71a.
2012-03-19 07:23:57 -07:00
Tom Eastep
d4a1e7dba9 Revert "Allow ?IF, ?ELSE and ?ENDIF in copied files"
This reverts commit 29dd342118.
2012-03-19 07:23:24 -07:00
Tom Eastep
c7237e5c8e Revert "Move all functions from prog.header* to lib.core"
This reverts commit f9f557e1c6.
2012-03-19 07:22:51 -07:00
Tom Eastep
c299c6d61a Revert "Correct spelling"
This reverts commit 1d021e3701.
2012-03-19 07:22:29 -07:00
Tom Eastep
6769acc7a7 Revert "Some corrections to conditional inclusion"
This reverts commit 164d2f5d1b.
2012-03-19 07:22:07 -07:00
Tom Eastep
df33587395 Revert "Clean up of conditional inclusion."
This reverts commit 5f3ba4eb40.
2012-03-19 07:21:36 -07:00
Tom Eastep
508f33a183 Revert "Eliminate prog.header6"
This reverts commit 60f1004339.
2012-03-19 07:21:12 -07:00
Tom Eastep
11f970d1c2 Revert "Eliminate prog.header"
This reverts commit 13bf383ce8.
2012-03-19 07:20:57 -07:00
Tom Eastep
72e6330ff4 Revert "Add capabilities to ?IF conditionals"
This reverts commit 0d71c590e4.
2012-03-19 07:20:31 -07:00
Tom Eastep
5caf68bc31 Remove .project
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 19:31:40 -07:00
Tom Eastep
15ca0fd1f0 Add IPSET_WARNINGS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 19:30:04 -07:00