Commit Graph

2931 Commits

Author SHA1 Message Date
Tom Eastep
32763e998b Make -v work with the status command
- Also document exit status

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-13 06:52:46 -07:00
Tom Eastep
a10aea280b Add some abbreviations for common commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-06 07:05:47 -07:00
Tom Eastep
ceffc000eb Correct Typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-05 08:32:17 -07:00
Tom Eastep
6615c1f736 Clarify usage of Interface Option Chains
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-04 09:01:09 -07:00
Tom Eastep
83d1aa6682 Allow OPTIMIZE=All
- Remove use of literal 4096 from OPTIMIZATION checks.
- Moved constant declarations to the Config module.
- Documented that level 1 is ignored when level 4 is specified.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-29 10:08:35 -07:00
Tom Eastep
aabb22a50f Add the TRACK_RULES option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-24 07:22:51 -07:00
Tom Eastep
7aa33c140d Add an AutoBL action with helper AutoBLL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-17 10:19:18 -07:00
Tom Eastep
891e3e0e1d Use the --reap option in sticky recent rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 14:46:39 -07:00
Tom Eastep
5c7500e13e Display the current time as an integer in 'show event[s]' output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:46:08 -07:00
Tom Eastep
09240da55a Change the external name of MARK_ANYWHERE to 'Mark in the filter table'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:45:20 -07:00
Tom Eastep
89f16bdb37 Include a current time event in /proc/net/xt_recent/
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 07:14:22 -07:00
Tom Eastep
8e30831385 Resolve merge conflicts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-11 14:20:38 -07:00
Tom Eastep
d2725fcd87 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2013-07-11 14:16:19 -07:00
Tom Eastep
9535a7d7df Rename 'Trigger' to 'Event' and document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-11 10:39:21 -07:00
Tom Eastep
3c6df56b57 Implement Triggers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-10 13:27:58 -07:00
Tom Eastep
411ca87ec3 Allow logging rules with more than 15 ports
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-08 15:59:54 -07:00
Tom Eastep
948a7fccc2 Enhance a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-07 12:52:04 -07:00
Tom Eastep
73060a3761 Correct typo in dropBcast()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-06 07:58:21 -07:00
Tom Eastep
cd83d7727c Restore handle_original_dest().
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-04 14:51:06 -07:00
Tom Eastep
5121634457 Add ihandle_original_dest()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-04 14:37:24 -07:00
Tom Eastep
131c1f432b Add iverify_source_interface()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-04 14:07:09 -07:00
Tom Eastep
03885f71d3 Create add_expanded_ijump() that breaks long lines
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 15:13:48 -07:00
Tom Eastep
b735b93378 Re-factor irule generation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 10:59:09 -07:00
Tom Eastep
5ce5d5e607 Delete superfluous blank line
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 15:03:50 -07:00
Tom Eastep
00c5985458 Rename clone_rule() to clone_irule()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 12:38:16 -07:00
Tom Eastep
1a44b66656 Cleaner handling of trailing spaces from log_irule_limit.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 12:32:35 -07:00
Tom Eastep
b215cf379a Generate a warning when Limit is invoked.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 12:31:29 -07:00
Tom Eastep
3ec6745df9 Use log_irule_limit() internally where possible.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 11:48:02 -07:00
Tom Eastep
55be5b0119 Add log_irule_limit() and log_irule() functions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 11:47:19 -07:00
Tom Eastep
42a649d093 Create $globals{LOGILIMIT}
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 09:00:36 -07:00
Tom Eastep
18e7e43b2f Eliminate globals{STATEMATCH}
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-01 16:01:57 -07:00
Tom Eastep
6803ce5d41 Add constants for %used values.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-01 15:36:16 -07:00
Tom Eastep
565fb74795 Correct bridge detection and 'qt' implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-24 13:07:38 -07:00
Tom Eastep
fc754040d5 Avoid shell error when detecting owner name match
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-24 09:51:32 -07:00
Tom Eastep
cc5a59231b Make qt() work correctly when tracing.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-24 07:17:15 -07:00
Tom Eastep
25f96e6a88 Reword unreachable warning (again)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-20 10:50:28 -07:00
Tom Eastep
71bcd11ab6 Make ?...shell/perl directives case insensitive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-20 10:39:39 -07:00
Tom Eastep
4bd35a0b93 Allow 'routeback=0'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-16 08:37:53 -07:00
Tom Eastep
cb132e2421 Include the chain name in the 'unreachable' warning.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-11 06:29:07 -07:00
Tom Eastep
53f1cd40df Add 'unmanaged' option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-10 12:36:18 -07:00
Tom Eastep
c653d9ce83 Only issue one 'unreachable' warning per chain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-08 10:02:19 -07:00
Tom Eastep
254d2037ef Delete unused variable.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-04 15:34:25 -07:00
Tom Eastep
cb8e76b1d2 Add sub get_opttype to emphasize where rule option types are used.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-04 12:49:20 -07:00
Tom Eastep
2b579d2dff Small efficiency change in helper processing.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-04 12:48:22 -07:00
Tom Eastep
fc3e3dbf3c Cosmetic change.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-03 10:53:33 -07:00
Tom Eastep
81acedd1b3 Reword the 'unreachable' warning.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-02 17:13:41 -07:00
Tom Eastep
d8f53cc0a9 Merge branch '4.5.17'
Conflicts:
	Shorewall/Perl/Shorewall/Chains.pm
2013-06-02 15:31:45 -07:00
Tom Eastep
481811d29f Merge NFACCT and EXPENSIVE matches during optimization
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-02 13:29:13 -07:00
Tom Eastep
3867902b27 Use 'NONE' policies for LOOPBACK and LOCAL zones to non-firewall zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-02 07:31:32 -07:00
Tom Eastep
adf51d0059 Revise the unreachable warning stuff.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-01 16:32:46 -07:00