Tom Eastep
|
e8f61e2109
|
Restate vulnerability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-06 13:19:40 -07:00 |
|
Tom Eastep
|
447d0f0b2d
|
Don't modify the .conf file installed in configfiles.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-06 09:46:52 -07:00 |
|
Tom Eastep
|
c42c6864b4
|
Don't modify the .conf file installed in configfiles.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-06 09:46:22 -07:00 |
|
Tom Eastep
|
2803d3ee0b
|
Merge branch '4.4.20'
|
2011-06-06 07:02:57 -07:00 |
|
Tom Eastep
|
c2e78bfaf8
|
Correct address of the FSF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-06 06:55:40 -07:00 |
|
Tom Eastep
|
aabefe91f1
|
Merge branch '4.4.20'
|
2011-06-04 08:46:40 -07:00 |
|
Tom Eastep
|
f1cbfab7ac
|
More blacklist/audit fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-04 08:45:23 -07:00 |
|
Tom Eastep
|
653a61a04a
|
Merge branch '4.4.20'
|
2011-06-04 07:44:24 -07:00 |
|
Tom Eastep
|
a9c0824a30
|
Correct BLACKLIST_DISPOSITION=A_xxx with BLACKLIST_LOG_LEVEL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-04 07:44:07 -07:00 |
|
Tom Eastep
|
aa86b65ec3
|
Merge branch '4.4.20'
|
2011-06-02 11:44:15 -07:00 |
|
Tom Eastep
|
254e1ed784
|
Add 'I' STATE to secmarks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-02 11:43:55 -07:00 |
|
Tom Eastep
|
c3b56c1e73
|
Merge branch '4.4.20'
|
2011-06-02 10:07:03 -07:00 |
|
Tom Eastep
|
561d461a25
|
Add 'NI' STATE setting in secmarks.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-02 10:06:27 -07:00 |
|
Tom Eastep
|
169c995940
|
Fix a typo in the release notes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-02 06:50:10 -07:00 |
|
Tom Eastep
|
1e883c2fdf
|
Merge branch '4.4.20'
|
2011-06-02 06:47:09 -07:00 |
|
Tom Eastep
|
086a99ea24
|
Don't initialize PLAIN
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-02 06:23:57 -07:00 |
|
Tom Eastep
|
f9c5b8b0d5
|
Improve some comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-02 06:23:37 -07:00 |
|
Tom Eastep
|
36aee407ef
|
Merge branch '4.4.20'
|
2011-06-01 13:01:27 -07:00 |
|
Tom Eastep
|
5f08605adc
|
Delete some cruft
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-01 12:26:05 -07:00 |
|
Tom Eastep
|
faff915dd2
|
Fix a typo in the release notes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-01 06:53:09 -07:00 |
|
Tom Eastep
|
b30d1bfc48
|
Merge branch '4.4.20'
|
2011-06-01 06:34:43 -07:00 |
|
Tom Eastep
|
f253bb5a11
|
Corrections to release notes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-06-01 06:31:02 -07:00 |
|
Tom Eastep
|
243a09783c
|
Merge branch '4.4.20'
|
2011-05-31 15:45:09 -07:00 |
|
Tom Eastep
|
7bf74bb8c9
|
Add new builtin targets to %builtin_target
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-31 15:43:42 -07:00 |
|
Tom Eastep
|
21d2c5720b
|
Clarify 'bridge_nf_call_*'; mention that problems corrected in 4.4.19 dot releases are included
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-31 12:22:45 -07:00 |
|
Tom Eastep
|
468ff6efab
|
First cut at IPSET/Dynamic-zone support in Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-31 11:23:43 -07:00 |
|
Tom Eastep
|
8df470b5f5
|
Version to 4.4.20
|
2011-05-31 09:30:18 -07:00 |
|
Tom Eastep
|
5ce3a1f4d1
|
Update release documents
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-31 07:03:56 -07:00 |
|
Tom Eastep
|
2f6c5fd260
|
Set 'bridge-nf-call-ip6?tables' if bridges are configured.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-31 06:59:43 -07:00 |
|
Tom Eastep
|
4f296b62ae
|
Another fix for auditone
|
2011-05-30 16:37:56 -07:00 |
|
Tom Eastep
|
e6275ba31d
|
Fix a bug in auditing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-30 15:28:00 -07:00 |
|
Tom Eastep
|
d89a915f26
|
Load IPv6 libraries when processing /etc/shorewall6/params
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-30 13:24:36 -07:00 |
|
Tom Eastep
|
2dec3a8ecb
|
Correct handling of AUDIT_TARGET is both cli libraries.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-30 11:39:21 -07:00 |
|
Tom Eastep
|
26d08b92c0
|
Correct use of null value as a hash
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-30 11:38:49 -07:00 |
|
Tom Eastep
|
b0447b8bd3
|
Remove another MACLIST defect
|
2011-05-30 08:49:41 -07:00 |
|
Tom Eastep
|
7b560eefe4
|
Allow compound options in the installers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-30 08:15:59 -07:00 |
|
Tom Eastep
|
60d33740f6
|
Fix MACLIST_DISPOSITION defect introduced earlier in this release
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-30 07:59:44 -07:00 |
|
Tom Eastep
|
11c209c55f
|
Restore access to $Shorewall::Rules::family
|
2011-05-29 17:22:36 -07:00 |
|
Tom Eastep
|
2852cdeb53
|
Another attempt at the IPMARK fix
|
2011-05-29 14:42:23 -07:00 |
|
Tom Eastep
|
a71136fd5a
|
Rework configuration files for Shorewall and Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-29 14:34:18 -07:00 |
|
Tom Eastep
|
7404d912bd
|
Add LOGRATE to */shorewall.conf
|
2011-05-28 19:12:34 -07:00 |
|
Tom Eastep
|
ec01e39479
|
Add LOGBURST to */shorewall.conf
|
2011-05-28 19:03:18 -07:00 |
|
Tom Eastep
|
9dc689dd13
|
Sort Sample .conf files
|
2011-05-28 12:38:12 -07:00 |
|
Tom Eastep
|
6d3640dafc
|
Alphabetize config files and sync files and manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-28 10:34:54 -07:00 |
|
Tom Eastep
|
03ecdc8c06
|
Clean up shorewall.conf and its documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-28 09:10:46 -07:00 |
|
Tom Eastep
|
243e8f1dbe
|
Fix check for unreferenced 'sfilter' chain
|
2011-05-28 08:31:36 -07:00 |
|
Tom Eastep
|
fc34f07a7a
|
Remove PKTTYPE option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-28 07:11:48 -07:00 |
|
Tom Eastep
|
a37dbf76dc
|
Delete 'sfilter' chain if it isn't referenced
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-27 19:56:54 -07:00 |
|
Tom Eastep
|
1a2c9a08e1
|
Don't include comment in audit chain rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-27 19:56:04 -07:00 |
|
Tom Eastep
|
5082b0701a
|
Get release notes changes for filter->sfilter
|
2011-05-27 19:43:13 -07:00 |
|
Tom Eastep
|
bac640e731
|
Get changes from 4.5.0 branch
|
2011-05-27 19:42:09 -07:00 |
|
Tom Eastep
|
586a3537bf
|
Delete 'sfiter' chain if it doesn't have referenes
|
2011-05-27 19:38:03 -07:00 |
|
Tom Eastep
|
790c96c90a
|
Version to RC 1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-27 09:11:47 -07:00 |
|
Tom Eastep
|
c6e9de65f1
|
Prevent duplicate 'filter' rules when combining two interface chains
into the same zone forwarding chain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-27 06:43:47 -07:00 |
|
Tom Eastep
|
8a0dc9f0f6
|
Clean up release notes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-27 06:42:56 -07:00 |
|
Tom Eastep
|
fbfe7b9f93
|
Don't create 'reject' and AUDIT' in the 'stopped' case.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-26 14:11:36 -07:00 |
|
Tom Eastep
|
0287d96aa2
|
Finish filtering implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-26 13:38:44 -07:00 |
|
Tom Eastep
|
6c3163cc27
|
Routeback corrections
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-25 10:45:57 -07:00 |
|
Tom Eastep
|
e4d667ca6a
|
Add routeback protection
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 17:07:31 -07:00 |
|
Tom Eastep
|
bbe165c3cf
|
Bump version to Beta 5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 11:40:11 -07:00 |
|
Tom Eastep
|
0beb327f0a
|
Rename audited actions and Macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 11:31:42 -07:00 |
|
Tom Eastep
|
84b844ae79
|
Implement -T option for compile and check
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 10:21:49 -07:00 |
|
Tom Eastep
|
ee98772349
|
Add -c to the start command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 09:13:02 -07:00 |
|
Tom Eastep
|
021048379f
|
Additions to the Beta 4 Documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 08:54:43 -07:00 |
|
Tom Eastep
|
e6c1de3829
|
Correct ADrop action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 07:47:42 -07:00 |
|
Tom Eastep
|
d4b2a462a2
|
Add audited actions to the .spec files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 07:30:46 -07:00 |
|
Tom Eastep
|
704f3fdd55
|
Document audited default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 07:24:15 -07:00 |
|
Tom Eastep
|
c333368243
|
Create Audited versions of the IPv4 standard default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-24 07:09:15 -07:00 |
|
Tom Eastep
|
f464ec5624
|
Fixes for AUDIT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 20:59:33 -07:00 |
|
Tom Eastep
|
016f7d9f2a
|
Yet more shorewall/shorewall6 unification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 16:41:51 -07:00 |
|
Tom Eastep
|
a64d882a36
|
Apply Ed W's first patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 14:36:21 -07:00 |
|
Tom Eastep
|
c050b29985
|
Factor some similar code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 14:20:14 -07:00 |
|
Tom Eastep
|
0a11a0e2ad
|
Add xt_AUDIT to modules.xtables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 12:08:51 -07:00 |
|
Tom Eastep
|
3ab35c65b0
|
Correct LEGACY_FASTSTART error messages in shorewall and shorwall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 11:24:52 -07:00 |
|
Tom Eastep
|
15e9e3182d
|
Update copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 10:06:56 -07:00 |
|
Tom Eastep
|
31e74658c8
|
Update copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 09:51:51 -07:00 |
|
Tom Eastep
|
0704f7ca59
|
Clarify the problem corrected
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 09:25:19 -07:00 |
|
Tom Eastep
|
2d574fff10
|
Tweak wording
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 06:56:54 -07:00 |
|
Tom Eastep
|
7c250cd5b3
|
Clean up release notes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 06:55:54 -07:00 |
|
Tom Eastep
|
54f9a0e671
|
Correct and expand the Problems Corrected section of the release notes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 06:43:31 -07:00 |
|
Tom Eastep
|
3b28fcd566
|
Remove documentation disclaimer from release notes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 06:41:32 -07:00 |
|
Tom Eastep
|
485a7fb29d
|
Implement 'restart -c'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-23 06:39:26 -07:00 |
|
Tom Eastep
|
e95003b82a
|
Add FAKE_AUDIT option
|
2011-05-22 17:42:50 -07:00 |
|
Tom Eastep
|
5d04c93a16
|
Implement LEGACY_FASTSTART option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-22 15:36:29 -07:00 |
|
Tom Eastep
|
981b503fa4
|
Bump version to Beta 4
|
2011-05-22 11:05:22 -07:00 |
|
Tom Eastep
|
c56fe3448a
|
Update release documents
|
2011-05-22 11:03:57 -07:00 |
|
Tom Eastep
|
529e256856
|
Assigned unused dev numbers
|
2011-05-22 10:18:26 -07:00 |
|
Tom Eastep
|
db6091f101
|
Avoid dependence on 'make'
|
2011-05-22 09:47:57 -07:00 |
|
Tom Eastep
|
99cb09bd84
|
Documentation update 1 for AUDIT supportttt
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-21 16:25:38 -07:00 |
|
Tom Eastep
|
83cdf78b18
|
Replace A_* builtin actions with builtin targets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-21 15:02:04 -07:00 |
|
Tom Eastep
|
d9b095bdea
|
Document new features
|
2011-05-21 12:07:23 -07:00 |
|
Tom Eastep
|
71ef1f48e2
|
Allow auditing of the builtin actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-21 10:38:25 -07:00 |
|
Tom Eastep
|
82d6a00c9e
|
Implement some extentions to AUDIT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-21 09:25:58 -07:00 |
|
Tom Eastep
|
61b5dbbb95
|
Eliminate cruft left over from when Action.pm and Policy.pm were folded into Rules.pm - Phase II
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-20 10:48:28 -07:00 |
|
Tom Eastep
|
f64e171c19
|
Eliminate cruft left over from when Action.pm and Policy.pm were folded into Rules.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-20 10:46:18 -07:00 |
|
Tom Eastep
|
ac2e9cce64
|
Shrink process_actions2 further.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-20 10:28:30 -07:00 |
|
Tom Eastep
|
676af32ebc
|
Simplify a loop in process_actions2()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-20 10:11:23 -07:00 |
|
Tom Eastep
|
7cbf113ba0
|
Simplify an RE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-05-20 08:33:36 -07:00 |
|
Tom Eastep
|
d15475efae
|
Cleanup of AUDIT before Beta 3
- Correct merge snafus
- Rename the new actions (e.g., ADROP->A_DROP)
- Correct MACLIST_DISPOSITION logic
|
2011-05-20 07:47:35 -07:00 |
|
Tom Eastep
|
e9df13a42b
|
Resolve merge conflicts
|
2011-05-19 15:10:22 -07:00 |
|