Commit Graph

13306 Commits

Author SHA1 Message Date
Tom Eastep
807b9ca627 Revert "Improve handling of mark ranges"
This reverts commit 62f480897e.
2014-12-15 09:39:24 -08:00
Tom Eastep
62f480897e Improve handling of mark ranges
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-14 09:13:41 -08:00
Tom Eastep
685825a336 Correct Handling of Dynamic Zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-13 13:48:36 -08:00
Tom Eastep
8edb86ccdd Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2014-12-13 08:35:30 -08:00
Tom Eastep
2d7025dcc3 Correct mark range handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-13 08:31:31 -08:00
Tuomo Soini
23e869ad50 shorewall-init: correctly set STATEDIR, we can't use VARDIR from shorewallrc
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-11-24 09:43:32 +02:00
Tom Eastep
a833815b31 Correct IPv6 handling of LOG_BACKEND=LOG
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 08:56:42 -08:00
Thomas D
664e3bb0a8 Installer: $INITDIR already starts with a "/", so no need for, "$DESTDIR/$INITDIR"
Hi,

before the patch (DESTDIR = "/tmp/shorewall-4.6.5"; INITDIR =
"/etc/init.d"),

> [...]
> SysV init script init.gentoo.sh installed in /tmp/shorewall-4.6.5//etc/init.d/shorewall-lite

after the patch

> [...]
> SysV init script init.gentoo.sh installed in /tmp/shorewall-4.6.5/etc/init.d/shorewall-lite

-Thomas

From e7a192397323bb6cb66d08a6f24e7edfee044f31 Mon Sep 17 00:00:00 2001
From: Thomas D <whissi@whissi.de>
Date: Sat, 15 Nov 2014 16:38:05 +0100
Subject: [PATCH] $INITDIR already starts with a "/", so no need for
 "$DESTDIR/$INITDIR"

Before the patch (DESTDIR = "/tmp/shorewall-4.6.5"; INITDIR = "/etc/init.d"),

  > [...]
  > SysV init script init.gentoo.sh installed in /tmp/shorewall-4.6.5//etc/init.d/shorewall-lite

after the patch

  > [...]
  > SysV init script init.gentoo.sh installed in /tmp/shorewall-4.6.5/etc/init.d/shorewall-lite

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:14 -08:00
Evangelos Foutras
3a64ef7d3a Set SBINDIR to /usr/bin in shorewallrc.archlinux
/usr/bin is the directory used for all binaries that were previously
installed to /bin, /sbin or /usr/sbin. This unification occurred in
Arch Linux in mid-2013, so might as well change it in Shorewall too.

Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:08 -08:00
Evangelos Foutras
b746c9319f Rename SYSTEMDDIR to SERVICEDIR in shorewallrc.*
This was omitted from commit e3b1034 (Change SYSTEMDDIR to SERVICEDIR).

Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:04 -08:00
Evangelos Foutras
6f81bb5c8e Fix setting of options[SERVICEDIR] in configure
The previous syntax resulted in:

  ./configure: line 199: [SERVICEDIR]=: command not found

Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:00 -08:00
Tom Eastep
9241552c52 Make emacs sh-mode work better with lib.core
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-14 16:28:44 -08:00
Tom Eastep
16c1809ef2 Apply Alan Barrett's dhclient patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-14 13:39:23 -08:00
Tom Eastep
ec0ff7f305 Remove $OPTIONS from Shorewall-init service files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-12 14:38:48 -08:00
Tom Eastep
7100af5380 Correct .service files
- Make them match earlier versions

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-11 18:05:04 -08:00
Tom Eastep
f9932d2b08 Correct typos in the -lite manpages
- Remove redundant 'a specify'.
- Change reference to /etc/shorewall[6]/started.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-11 07:48:57 -08:00
Thomas D
2bf80ee3d9 Patches for shorewall manpage
Hi,

here is the patch set for the shorewall6-lite man page.

-Thomas

>From d3fc3bd79f6313e8c940f6df49ae6ea3e05fa590 Mon Sep 17 00:00:00 2001
From: Thomas D <whissi@whissi.de>
Date: Tue, 11 Nov 2014 01:23:44 +0100
Subject: [PATCH 2/2] Fixes for the "commands" section.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-11 07:41:18 -08:00
Tom Eastep
22ac37b51e Patches for Shorewall6 manpage from Thomas D
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-10 07:50:28 -08:00
Tom Eastep
c4171a92f6 Change spacing in shorewall[6] usage output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-10 07:38:58 -08:00
Thomas D
a5b2886ae9 Patches for shorewall manpage
Hi,

I corrected some errors in the manpages. I started with "shorewall".

Tom, please tell me if you like this format and the patches at all.
If you like them, I can send you a similar patch set for shorewall6, too.

-Thomas

From 2aaeaa4f2da7aae92177ced0530f1deff86f44a9 Mon Sep 17 00:00:00 2001
From: Thomas D <whissi@whissi.de>
Date: Sun, 9 Nov 2014 15:45:29 +0100
Subject: [PATCH 11/14] The "-i" option from the "reload" command wasn't marked
 as an option.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-09 07:40:59 -08:00
Tom Eastep
9a6047b3c4 Correct reversed naming of SHA chains
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-06 08:18:52 -08:00
Tom Eastep
6f5de7ef3f Add now logging modules to the modules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-05 16:19:30 -08:00
Tom Eastep
5b4e3bc07c Accomodate new module names for LOG_BACKEND
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-05 12:51:24 -08:00
Tom Eastep
dc3f163e71 Change the names of the sha1 chains for uniqueness
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-04 17:54:38 -08:00
Tom Eastep
2f545012a6 More documentation updates for -C
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 09:25:58 -08:00
Tom Eastep
c97226c46c Correct behavior of 'start -fC'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 09:25:23 -08:00
Tom Eastep
8c0c1bd1e0 Omit the 'shorewall' chain from .ip[6]tables-restore-input
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 08:16:47 -08:00
Tom Eastep
8b825c4c4c Avoid failure of ip[6]tables-restore.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 07:56:05 -08:00
Tom Eastep
4493b2ab6b Correct typo in 'rules' manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 06:50:40 -08:00
Tom Eastep
9598ac6fad Correct a couple of problems with -C
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 10:09:04 -07:00
Tom Eastep
8fb73026c8 Replace SAVE_COUNTERS with the -C command option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 09:37:57 -07:00
Tom Eastep
4546cbaff7 Use chains with names derived from a digest to identify ruleset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-31 11:36:53 -07:00
Tom Eastep
a83c146636 Cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 20:27:06 -07:00
Tom Eastep
2ffc97867c Correct syntax error in the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 19:59:20 -07:00
Tom Eastep
f08803e293 Preserve counts on 'restart' without compilation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 18:38:45 -07:00
Tom Eastep
b7ab82dba4 Implement -f option in the -lite products' start command
- Remove 'recover' command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:42:39 -07:00
Tom Eastep
113f95c11e Provide STARTOPTIONS and RESTARTOPTIONS in all cases
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:22:39 -07:00
Tom Eastep
3454e10525 Add SAVE_COUNTERS option.
- Also implement recover command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 08:57:56 -07:00
Tom Eastep
edc30fcc8d Process the params file with SHOREWALL_SHELL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-29 12:22:00 -07:00
Tom Eastep
85e5669fc7 Rename function interface_up() to interface_enabled()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-27 18:38:22 -07:00
Tom Eastep
055fceb82f Update policy manpages for duel limits
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-22 12:27:27 -07:00
Tom Eastep
f5bdc9e7f4 Allow two limits in the RATE LIMIT columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-22 11:21:43 -07:00
Tom Eastep
54461a9a90 Correct indentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-20 12:29:45 -07:00
Tom Eastep
b60d6dd6e5 Avoid duplicate module loads
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-20 10:42:53 -07:00
Tom Eastep
4bc91e89db Remove debugging code from Shorewall-init installer
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:41 -07:00
Tom Eastep
2784e93307 Load xt_LOG in both helpers files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:36 -07:00
Tom Eastep
90d1e41dcb Correct IPv4 Helpers file
- Change xt_ULOG to ipt_ULOG

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:29 -07:00
Tom Eastep
20c8bf02b1 Correct Shorewall6 helpers file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:19 -07:00
Tom Eastep
38d4b1c5a9 Revert "Correct last patch"
This reverts commit b528625329.
2014-10-19 08:28:11 -07:00
Tom Eastep
e3a332ec27 Correct last patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:00 -07:00