Commit Graph

10430 Commits

Author SHA1 Message Date
Tom Eastep
4916610033 Rename upgrade => update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 07:14:27 -07:00
Tom Eastep
6f3497e353 Update Audit.xml with parameterized standard action info
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 06:50:18 -07:00
Tom Eastep
df2f7ec6a5 Implement 'upgrade' and delete the '-u' and '-a' options of 'check'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 17:39:44 -07:00
Tom Eastep
55242d1ed6 Add a few comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 16:55:00 -07:00
Tom Eastep
d66c7d478e Eliminate expansion of shell variables in the upgraded config file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 16:33:41 -07:00
Tom Eastep
e8e7215f4b Add a warning about shell variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 16:00:29 -07:00
Tom Eastep
380443f26d Eliminate %defaults
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 15:44:07 -07:00
Tom Eastep
faeb2da2ba Corrections to Defaults
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 15:38:08 -07:00
Tom Eastep
f93ac02bfc Provide default values for added entries
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 14:50:07 -07:00
Tom Eastep
c7be1f1b38 Remove silly "#LAST LINE" from shorewall6.conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 13:14:55 -07:00
Tom Eastep
96f6dc3558 More defined => supplied changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 13:08:26 -07:00
Tom Eastep
6f2cc31dde Implement .conf file upgrade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 13:03:55 -07:00
Tom Eastep
e5d8be5aa5 Bump version to Beta 2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 11:23:43 -07:00
Tom Eastep
d23f932ebe Don't generate INPUT hairpin rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 06:21:36 -07:00
Tom Eastep
89529df71f Odd capitalization to make annotate.pl work correctly
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 06:10:32 -07:00
Tom Eastep
e7cdf75463 Correct version when :<burst> was added 2011-06-17 17:19:37 -07:00
Tom Eastep
dfcd29d930 Correct spelling error in shorewall6-interfaces(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-15 14:00:30 -07:00
Tom Eastep
f9ee8c494d Exempt wildcard interfaces from sfilter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-14 06:45:22 -07:00
Tom Eastep
9aedd407cc Quell compiler warnings from Perl 5.14.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-13 06:40:03 -07:00
Tom Eastep
10ae91b600 Delete deprecated options from the .conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-12 13:46:26 -07:00
Tom Eastep
8780aff7f2 Rename PLAIN->ANNOTATED 2011-06-12 09:45:50 -07:00
Tom Eastep
65d4709372 Drop IPv6 IPSET support for now 2011-06-12 09:14:33 -07:00
Tom Eastep
785bd7c987 Apply Tuomo Soini's patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-12 07:22:26 -07:00
Tom Eastep
a0c5647c2a Re-add IPv6 ipset support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-12 06:22:18 -07:00
Tom Eastep
9ab901927f Use supplied() where appropriate
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 16:14:31 -07:00
Tom Eastep
774aac1228 Add a supplied() function
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 15:40:55 -07:00
Tom Eastep
99728d5695 Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 2011-06-11 15:33:21 -07:00
Tom Eastep
b7a3142620 Document parameterized default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 15:25:48 -07:00
Tom Eastep
738c46906c Document parameterized default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 15:15:29 -07:00
Tom Eastep
a60fe6e665 Allow parameters to be specified to Default Actions in the policy file
and in shorewall.conf.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 14:58:54 -07:00
Tom Eastep
68bf99ec69 Parameterize the standard default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 08:34:37 -07:00
Tom Eastep
3dd363677c Implement set_action_param
Export both set_action_params and read_action_param by default

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 08:33:21 -07:00
Tom Eastep
8b6a7a7053 Implement read_action_param()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:49:57 -07:00
Tom Eastep
f278d05637 Rename action param functions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:46:54 -07:00
Tom Eastep
0cb98737f7 Document DEFAULTS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:29:25 -07:00
Tom Eastep
2549982528 Fix DEFAULTS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:23:41 -07:00
Tom Eastep
af1898b17b Document default values for parameters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:18:11 -07:00
Tom Eastep
acefd0a75b Improvements to interfaces manpages
- Indicate when 'routefilter' cannot be used.
- Clarify use of 'sfilter'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 06:44:07 -07:00
Tom Eastep
6e6be468a9 Support for DEFAULT statements in actions 2011-06-10 17:05:09 -07:00
Tom Eastep
32c7d36cd0 Make zones with multiple interfaces complex
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-10 15:37:26 -07:00
Tom Eastep
dbd30f981c Set the interface routeback option if there are any IP host groups with 'routeback'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-10 15:37:09 -07:00
Tom Eastep
79348d2b55 Correct manpages: filter->sfilter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-10 06:04:45 -07:00
Tom Eastep
8a7ad569e4 Don't leave unused sfilter chains in the config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 17:22:48 -07:00
Tom Eastep
3e9a54d404 Couple of tweaks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 17:22:34 -07:00
Tom Eastep
a0b0c5bdac Jump (don't go) to sfilter1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 14:24:44 -07:00
Tom Eastep
1399a8ffde Don't move rules from a chain with references
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 14:24:38 -07:00
Tom Eastep
9555a552c2 Fix FORWARD with ipsec dest
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 14:24:08 -07:00
Tom Eastep
71177c3ca3 Exempt ipsec from sfilter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-09 07:27:06 -07:00
Tom Eastep
b17ad603ae Correct typo in the shorewall-providers manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-08 14:38:56 -07:00
Tom Eastep
fa2746d469 Apply sfilter to INPUT as well as FORWARD
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-08 09:40:28 -07:00