Commit Graph

475 Commits

Author SHA1 Message Date
teastep
429b8e7d38 Check for DHCP before RFC 1918
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@217 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-24 15:09:34 +00:00
teastep
8f4ff3306e NEWNOTSYN option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@216 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-23 18:51:55 +00:00
teastep
2ef1dbf0af Correct rule processing bug in 1.3.7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@212 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-23 01:55:51 +00:00
teastep
d766536d1c Correction to iptables 1.2.7 workaround
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@205 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-22 13:34:43 +00:00
teastep
bcea92a607 Work around iptables 1.2.7 bugs
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@204 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-19 17:33:22 +00:00
teastep
7af8a1dbb6 Correct ADD_SNAT_ALIASES problem (again)
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@203 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-19 14:40:42 +00:00
teastep
646a947b8c Correct ADD_SNAT_ALIASES problem
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@202 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-19 13:56:28 +00:00
teastep
652cadb22c Add loopback class A to rfc1918 file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@201 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-17 22:15:41 +00:00
teastep
6ae0ea8981 Make multiport work with iptables 1.2.7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@197 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-14 16:01:32 +00:00
teastep
3c8515aa6b Remove ICMP.DEF and replace with FORWARDPING option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@189 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-12 17:33:05 +00:00
teastep
0e9e5a4241 Remove extra '-p tcp'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@178 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-06 19:45:49 +00:00
teastep
ed2036ece9 Make 'new not SYN' user-customizable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@177 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-06 19:06:32 +00:00
teastep
27952f3d4b Final 'New not SYN' implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@176 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-06 18:45:13 +00:00
teastep
3428f59895 New technique for dealing with NEW not SYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@175 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-05 23:34:46 +00:00
teastep
7b00737a94 Initialize LOGNEWNOTSYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@174 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-05 14:43:39 +00:00
teastep
3ae4938cec Update versions to 1.3.6\; Add NEWNOTSYN parameter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@173 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-05 14:40:06 +00:00
teastep
5940dd8815 Fix proxyarp attribute
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@171 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-04 22:54:49 +00:00
teastep
51c7e767ff Remove lock file when firewall script dies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@165 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-29 23:53:26 +00:00
teastep
63bc520aa9 Allow host-list in /etc/shorewall/hosts again
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@164 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-29 14:31:50 +00:00
teastep
576ee2beee Correct bugs in 1.3.5
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@161 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-27 18:47:09 +00:00
teastep
c2b143cba0 Added 'proxyarp' interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@156 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-25 15:05:21 +00:00
teastep
b898747dc3 Add MUTEX_TIMEOUT variable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@150 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-24 03:47:34 +00:00
teastep
621e8df85b Issue message when adding an IP address
Don't die on lockfile timeout


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-23 23:09:14 +00:00
teastep
1412f0d698 Centralize addition of IP aliases
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@147 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-23 16:26:45 +00:00
teastep
2344570e81 Change Version to 1.3.5
Save counter reset time/date in /var/lib/shorewall/restarted


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@146 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-22 22:31:07 +00:00
teastep
90e2520f1c Provide saner behavior WRT the hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@144 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-19 22:51:28 +00:00
teastep
44e0821f66 Duplicate new checks in start/restart path
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@141 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-18 13:43:51 +00:00
teastep
646a259f2e Improve source/dest checking in 'check'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@140 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-17 21:42:30 +00:00
teastep
13305c45c3 Detect empty source and destination qualifiers
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@139 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-17 18:55:08 +00:00
teastep
ccdbd9faed Allow shell variable expansion in /etc/shorewall/routestopped
Make the HOST(S) column optional in /etc/shorewall/routestopped
Add a 'stopped' user exit


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@132 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-11 16:15:40 +00:00
teastep
45e4750219 Add 'routestopped' file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@131 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-11 00:01:45 +00:00
teastep
0665db84e1 Correct policy file zone validation during [re]start
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@130 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-09 22:39:22 +00:00
teastep
5fb079b6f3 Rename DETECT_IPADDRS to DETECT_DNAT_IPADDRS
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@129 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-09 21:21:28 +00:00
teastep
90b701de4d Implement DETECT_IPADDRS parameter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@128 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-09 15:44:49 +00:00
teastep
350426f983 Undo over zealous tabification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@126 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-06 14:05:30 +00:00
teastep
e899d2a8ab Untabify major files and fix 'hits' bug
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@114 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-05 22:24:40 +00:00
teastep
ee19fb9ea6 More NAT table Tuning
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@113 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-05 21:57:37 +00:00
teastep
a53f7546bb Correct stupid error in chain name routines
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@112 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-05 16:48:41 +00:00
teastep
a8c6143943 More NAT table Rework
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@103 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-05 15:56:02 +00:00
teastep
338673c29a Improve handling of PREROUTING for NAT
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@102 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-04 15:41:51 +00:00
teastep
750d40ce03 Fix MULTIPORT port forwarding
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@101 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-03 23:31:50 +00:00
teastep
939750baa2 Fix NAT_BEFORE_RULES=No
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@100 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-30 14:35:32 +00:00
teastep
6b8a9b8ddf Validate the interfaces in the hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@96 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-28 23:42:00 +00:00
teastep
399aa099ba Correct ICMP Protocol Number in Case Statement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@93 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-25 16:11:27 +00:00
teastep
90bb5f1b53 Correct RFC1918 Logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@92 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-25 14:31:45 +00:00
teastep
1623988384 Validate TARGET column in rfc1918 file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@91 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-21 21:40:36 +00:00
teastep
2bcb33a34d Rename rfc1918 mangle chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@90 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-21 17:20:18 +00:00
teastep
115e052f12 Reorganize Tunnel Creation; Automatic 'multi' on wildcard interfaces
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@89 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-21 15:57:01 +00:00
teastep
a9d40f34b3 Reorganize rules file processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@84 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-19 21:51:36 +00:00
teastep
98d57a3733 Correct indentation in check_config()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@83 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 19:30:22 +00:00
teastep
8dc9451500 Enable forwarding during clear
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@82 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 17:56:00 +00:00
teastep
16a9abc9d8 Flush all chains during clear
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@81 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 17:53:24 +00:00
teastep
332352bc6f Correctl duplicate interface message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@80 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 15:50:16 +00:00
teastep
d5bfd4e40a Correctly detect duplicate entry in interfaces file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@79 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-18 15:44:17 +00:00
teastep
38a0ff5486 Fix bug in find_hosts_by_option()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@77 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-17 17:50:45 +00:00
teastep
1cb43c539c Move the 'save' file to /var/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@76 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-16 17:56:45 +00:00
teastep
1c299919c8 Fix bug in find_interfaces_by_option()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@74 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-15 17:28:46 +00:00
teastep
65e4f035b0 Move firewall, functions and version to /var/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@73 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-15 17:27:41 +00:00
teastep
bdb05089e6 Correct an indentation problem in firewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@64 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-12 16:15:26 +00:00
teastep
69220bedfe Cosmetic changes to firewall and shorewall files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@63 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-11 20:14:58 +00:00
teastep
52ef74cfb8 Correct missing argument to packet_log() in the "shorewall status" command.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@62 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-10 16:53:18 +00:00
teastep
d58c3ac29e Include workaround for ICMP bug in firewall script.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@61 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-09 16:30:52 +00:00
teastep
aac129f404 Add dynamic drop/reject/allow/save functions.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@57 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-04 20:17:46 +00:00
teastep
fe1086676a Speed up multiport selection code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@53 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-02 23:14:51 +00:00
teastep
3563a47103 Don't use "-m multiport" if port lists don't have more than one element.
Clarify comments on the MULTIPORT option in shorewall.conf.
Update versions to 1.3.2.
Update release notes and change log.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@51 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-02 19:47:17 +00:00
teastep
ca9c02ce7f Fix problem with double-counting SYN packets.
Avoid superfluous jumps to the policy chain with CONTINUE.
Add reserved networks to rfc1918.
Implement MULTIPORT option for multiport match support.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@50 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-02 17:05:51 +00:00
teastep
16d50cb974 Final Changes for 1.3.1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@47 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-06-01 00:28:18 +00:00
teastep
44abd1be80 Add rfc1918 file and correct 'all->z CONTINUE' policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@43 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-31 14:33:18 +00:00
teastep
5245e3b75a Final 1.3 Updates
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@41 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-30 12:55:47 +00:00
teastep
4c1193e4cd Near complete removal of the 'multi' pseudo-zone
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@31 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-18 19:04:45 +00:00
teastep
44170128c2 1.3 Beta 2 Snapshot
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@27 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-18 13:45:23 +00:00
teastep
4f01c2b3ed Final 1.2.13 Update
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@15 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-04 18:38:49 +00:00
teastep
9ba6a48354 Slight cleanup of the ADD_IP_ALIASES change.
Apply the same change to ADD_SNAT_ALIASES.
Add a new 'report' function that prints and logs in a single call.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@14 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-02 22:56:27 +00:00
teastep
d97c5573c6 Cause aliases added under ADD_IP_ALIASES to use the VLSM and Broadcast of
the primary IP address.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@13 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-02 01:34:56 +00:00
teastep
7c78bb16a7 Initial revision
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@10 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-04-30 23:13:15 +00:00