Commit Graph

1214 Commits

Author SHA1 Message Date
Tom Eastep
607c93125c Don't unconditionally detect helpers when LOAD_HELPERS_ONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	docs/Internals.xml
2012-09-23 06:55:00 -07:00
Tom Eastep
2d01af8256 Correct typos (omma -> comma) in the stoppedrules manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-23 06:52:32 -07:00
Tom Eastep
9dd5f73581 Replace IPv4 addresses in shorewall6-stoppedrules(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-23 06:52:26 -07:00
Tom Eastep
83d3d04afb Correct typos (omma -> comma) in the stoppedrules manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-23 06:51:56 -07:00
Tom Eastep
693c573fc3 Replace IPv4 addresses in shorewall6-stoppedrules(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-23 06:46:50 -07:00
Tom Eastep
88caf5c9df Correct header in the STOPPEDRULES files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-22 11:51:23 -07:00
Tom Eastep
32f89fa24b Don't unconditionally detect helpers when LOAD_HELPERS_ONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-22 09:27:13 -07:00
Tom Eastep
af5eb575c2 Add tcfilter example with PRIORITY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-21 07:40:33 -07:00
Tom Eastep
e14f5e5199 Swicth from postincrement to preincrement when bumping 'filterpri'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-17 10:46:31 -07:00
Tom Eastep
0400cedc6c More TC manpage updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-14 08:01:08 -07:00
Tom Eastep
a581958042 Document filter priority algorithm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-13 16:31:39 -07:00
Tom Eastep
14073e8943 Change TOS priority offset from 10 to 15
- Make it distinct from tcp-ack

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-13 08:25:05 -07:00
Tom Eastep
e02906e4f9 Add TOS to classification priority enumeration
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-13 07:46:52 -07:00
Tom Eastep
75953a87cb Optional priority on hfsc classes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-12 13:39:54 -07:00
Tom Eastep
e431d5ab53 Document changes to filter priorities
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-10 17:12:59 -07:00
Tom Eastep
f6e3107c00 Redefine tc filter priorities
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-10 10:03:16 -07:00
Tom Eastep
9d6e0fd9ed Add a PRIORITY column to the tcfilters file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-09 14:48:32 -07:00
Tom Eastep
5c62bf297a Document multiple GID/UIDs in the USER/GROUP column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-09 08:18:25 -07:00
Tom Eastep
6aaf06c2e8 Add stoppedrules files to the samples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 09:06:45 -07:00
Tom Eastep
2050d566b8 Handle PRODUCT correctly at run-time.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 07:36:47 -07:00
Tom Eastep
bdd66e68c9 Have separate hashes for the two shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 20:09:20 -07:00
Tom Eastep
afd9875d3a Update Manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 10:52:22 -07:00
Tom Eastep
8e5bd3637d Implement stoppedrules file (less manpages)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 08:44:03 -07:00
Tom Eastep
34ee00a986 Document the <directory> argument to the 'try' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 10:53:35 -07:00
Tom Eastep
303dc65d13 Merge branch '4.5.7' 2012-08-28 11:46:04 -07:00
Tom Eastep
d838cf41bf Allow TTL and HL in the PREROUTING chain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-28 11:45:32 -07:00
Togan Muftuoglu
1a324fa37f Suse specific patches
Hi Tom,

I have been patching shorewall packages for the opensuse releases, but I
guess it is better to send them to you . the upstream so it gets
incorporated into shorewall itself and I do not have to patch it ;)

I believe I have incorparted most of my patches in to this one. If you
can review them and if appropriate apply them that would be great

Thanks

Togan

>From 6072c08de753e7d1cc31bb758295dee198197e41 Mon Sep 17 00:00:00 2001
From: Togan Muftuoglu <toganm@opensuse.org>
Date: Fri, 24 Aug 2012 13:17:12 +0200
Subject: [PATCH] suse-specific

Signed-off-by: Togan Muftuoglu <toganm@opensuse.org>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-25 08:45:57 -07:00
Tom Eastep
b45d15eec6 Revert "Apply Togan Muftuoglu's SuSE-specific init patches"
This reverts commit 2412998b57.
2012-08-25 08:45:18 -07:00
Togan Muftuoglu
906795a4d7 Suse specific patches
Hi Tom,

I have been patching shorewall packages for the opensuse releases, but I
guess it is better to send them to you . the upstream so it gets
incorporated into shorewall itself and I do not have to patch it ;)

I believe I have incorparted most of my patches in to this one. If you
can review them and if appropriate apply them that would be great

Thanks

Togan

>From 6072c08de753e7d1cc31bb758295dee198197e41 Mon Sep 17 00:00:00 2001
From: Togan Muftuoglu <toganm@opensuse.org>
Date: Fri, 24 Aug 2012 13:17:12 +0200
Subject: [PATCH] suse-specific

Signed-off-by: Togan Muftuoglu <toganm@opensuse.org>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-25 08:41:28 -07:00
Tom Eastep
519e799ef1 Unify the mode of init files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-24 06:59:11 -07:00
Tom Eastep
2412998b57 Apply Togan Muftuoglu's SuSE-specific init patches
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-24 06:32:30 -07:00
Tom Eastep
64edd30a76 Correct link in shorewall[6].conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-21 07:54:51 -07:00
Tom Eastep
99efb518bd Add the HELPER column to the rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-18 12:05:42 -07:00
Tom Eastep
1f59e4f449 Update case in conditionals.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-14 11:42:46 -07:00
Tom Eastep
fdc45a990d Arrange for HELPER to match in the RELATED section.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 15:44:19 -07:00
Tom Eastep
44a550870c Add HELPER action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 13:23:38 -07:00
Tom Eastep
f1fbb95d48 Update documentation for content merged from the 4.5.8 (master) path
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 08:16:36 -07:00
Tom Eastep
50bd1d6398 Add AUTOHELPER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-12 07:25:11 -07:00
Tom Eastep
e00616a1fe Don't release blacklist files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-07 07:56:16 -07:00
Tom Eastep
56caf3687f Factor out the ?IF __CT_TARGET tests in the conntrack files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-06 09:26:14 -07:00
Tom Eastep
b4c812b676 Correct helper parsing in the Raw module.
- Require (...) around multiple ctevents
- Detect invalid options

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-05 08:09:17 -07:00
Tom Eastep
093985dd93 Use HELPERS to enable/disable helper association.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-03 19:26:02 -07:00
Tom Eastep
72307df6d2 Replace the AUTOHELPERS option with the HELPERS option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-03 10:53:20 -07:00
Tom Eastep
7689b1e84b Remove the 'zone' helper option for now.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-03 06:39:58 -07:00
Tom Eastep
21770a89d6 Detect which matches are available.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 15:38:23 -07:00
Tom Eastep
223ed5b3a3 More additions to the helper table and to the conntrack files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 13:25:44 -07:00
Tom Eastep
2ae59bb3cd Add COMMENT directives to conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 11:58:00 -07:00
Tom Eastep
07e56d129a Add AUTOHELPERS option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 11:09:18 -07:00
Tom Eastep
62d6d2558e Rename AUTO_COMMENT to AUTOCOMMENT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 11:06:41 -07:00
Tom Eastep
833e54c9c3 Rename the notrack file to conntrack
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 11:02:17 -07:00
Tom Eastep
ac6e67e371 Correct typo in rules manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-30 07:23:40 -07:00
Tom Eastep
735b7c2cf5 Add support for nfacct
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-28 11:21:16 -07:00
Tom Eastep
c0e4d4093c Clarify TOS value
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-16 15:53:22 -07:00
Tom Eastep
1db79a91eb 'rpfilter' option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-15 10:05:32 -07:00
Tom Eastep
41c7c8f923 Make the Invalid Drop rules uniform across sample files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-27 15:16:16 -07:00
Tom Eastep
17d22fb5b8 Prevent multiple 'tproxy' providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-23 17:26:18 -07:00
Tom Eastep
b9d59bc60c Document that 'classify' with marks is now allowed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-22 10:17:26 -07:00
Tom Eastep
1b7601cb19 Update all samples to specify OPTIMIZE=31
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-21 11:48:48 -07:00
Tom Eastep
7b6f329830 Document UID/GID ranges
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-19 14:05:38 -07:00
Tom Eastep
4a55705b9a Update tcclasses manpages titles to include HFSC
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-18 07:54:25 -07:00
Tom Eastep
0a928cb034 Add tc-red(8) as reference to the tcclasses manpages. 2012-06-17 10:03:19 -07:00
Tom Eastep
2807502836 More tcclasses manpage cleanup.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-16 06:50:23 -07:00
Tom Eastep
780e7014d4 Cleanup of tcclasses manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-15 10:34:09 -07:00
Tom Eastep
9159372897 Fix a typo in the tcfilters manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-14 13:08:37 -07:00
Tom Eastep
6c47349689 Support 'red' queuing discipline
- Also added 'ls' support for HFSC

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-13 14:29:13 -07:00
Tom Eastep
cbba5741ce Correct typos in tcdevices manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-12 09:40:15 -07:00
Tom Eastep
844f6c63e4 Add support for TC size tables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-11 15:45:47 -07:00
Tom Eastep
8a9427ebff Merge branch '4.5.4' 2012-06-07 14:12:48 -07:00
Tom Eastep
38adf3d186 Set 'sourceroute=0' on all sample net interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-06 14:30:00 -07:00
Tom Eastep
ee467a4877 Allow embedded shell/Perl directives to have leading '?'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-05 07:32:43 -07:00
Tom Eastep
170875c7dd Convert the 'ignore' interface to be multi-valued
-Allows 'ignore=1' to only exempt interface from updown processing

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-05 07:23:23 -07:00
Tom Eastep
69badac72f Merge branch '4.5.4'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-30 14:43:05 -07:00
Tom Eastep
de184b32bc Fix sectioned IPSEC accounting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-30 14:37:29 -07:00
Tom Eastep
ea173ab628 Correct IPSEC accounting manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-30 14:09:41 -07:00
Tom Eastep
5211b32aa6 Remove quotes from GEOIPDIR setting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-25 07:09:07 -07:00
Tom Eastep
5b891f1072 Remove quotes from GEOIPDIR setting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-25 07:05:38 -07:00
Tom Eastep
fc97f6d00e Implement LOG target option control.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-24 13:54:59 -07:00
Tom Eastep
92ce190bf0 Remove Geoip from Shorewall6/actions.std.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-21 12:31:01 -07:00
Tom Eastep
ab2376d61d Document 15-cc limit.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-21 07:03:53 -07:00
Tom Eastep
d8ec051114 Load the geoip cc's dynamically.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-20 08:59:59 -07:00
Tom Eastep
f0a3e1652a Bracket non-trivial cc lists with [...]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-19 09:39:49 -07:00
Tom Eastep
f15e6d3995 Additional optimization in level 4.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 16:50:08 -07:00
Tom Eastep
55c88e8e81 Replace curly brace enclosure with a preceding caret to avoid ambiguity.
- {...} is used to enclose a set of column/value pairs and it is certain
  that the two will become confused.
2012-05-17 15:26:16 -07:00
Tom Eastep
3436fbd6ad Don't use ?INCLUDE in modules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 10:45:12 -07:00
Tom Eastep
d220d3d9d5 Abandon action.GeoIP in favor of extended syntax in the SOURCE and DEST columns.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 10:44:02 -07:00
Tom Eastep
17e25932f0 Fixes for GeoIP
- Correct check for valid ACTION
- Add to Shorewall6/actions.std
- Only use geoip once per invocation

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 11:14:28 -07:00
Tom Eastep
3d541f50c8 Use "(S)" consistently in column headings.
- add synonyms so both the singular and plural forms are accepted.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 12:42:04 -07:00
Tom Eastep
9e743451f6 Add FORMAT 2 to tcrules files. Initialize $format in Tc.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:08:06 -07:00
Tom Eastep
cb7fc31f0b Restore 4.5.3 compatibility
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 14:23:33 -07:00
Tom Eastep
69d735ea0a Make TPROXY actually work!
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 11:19:23 -07:00
Tom Eastep
605ef6ef86 Tweak to DIVERT plus correct TPROXY in man pages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 13:10:51 -07:00
Tom Eastep
582d025f58 Add DIVERT action to tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 09:41:58 -07:00
Tom Eastep
cd35b6a13f Modify macro.BLACKLIST to use blacklog when appropriate
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 08:56:55 -07:00
Tom Eastep
097ab853db Apply Tuomo Soini's tunnels patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 06:18:22 -07:00
Tom Eastep
bd30d59f3d Fix annotated interfaces files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 14:09:49 -07:00
Tom Eastep
e4c4900b32 Add recent changes to a couple of config files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 12:32:47 -07:00
Tom Eastep
4d23ec2c48 Belatedly document FORMAT-2 interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 10:07:36 -07:00
Tom Eastep
15aa1dae62 Enhancements to the 'refresh' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-02 13:48:18 -07:00
Tom Eastep
2dd82a9898 Update Multi-ISP documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-01 10:28:12 -07:00
Tom Eastep
dc63efdbfd Use ?INCLUDE in modules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-25 07:33:40 -07:00
Tom Eastep
d904a2de86 Search and destroy trailing whitespace
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 14:52:57 -07:00
Tom Eastep
0f53c3cc7d Convert all interfaces files to format-2 only
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 10:53:09 -07:00
Tom Eastep
f40144f6af Corret tcrules manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-21 09:53:00 -07:00
Tom Eastep
34f5838365 Allow multiple GATEWAYS to be listed in the tunnels file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-18 09:28:37 -07:00
Tom Eastep
52ebca3fe1 Merge branch '4.5.2'
Conflicts:
	Shorewall-core/lib.cli
	Shorewall/Perl/Shorewall/Config.pm

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-16 13:47:05 -07:00
Tom Eastep
5a350d1899 More variable synchronization
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-16 11:40:49 -07:00
Tom Eastep
805166a354 Ressurect LOCKFILE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-16 07:21:06 -07:00
Tom Eastep
eb7a21030d Correct Makefiles
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-14 12:03:51 -07:00
Tom Eastep
a32ce5c34a Correct Makefiles
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-14 12:01:37 -07:00
Tom Eastep
59d1a57f06 Add the -T option to the load, reload, restart and start commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 14:28:44 -07:00
Tom Eastep
74fdd97b14 Warn about not using sections in the accounting file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-09 16:47:56 -07:00
Tom Eastep
a2abad3f68 Modify getparams to use the installed shorewallrc file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-07 09:07:07 -07:00
Tom Eastep
41266627cd Fix secondary CLIs
- construct the correct pathname for lib.cli
2012-04-03 08:09:18 -07:00
Tom Eastep
abd864eecb Update copyrights in init scripts that have them
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-03 07:52:39 -07:00
Tom Eastep
fb428bf564 Don't modify CONFDIR and SHAREDIR in the shell code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-02 12:39:49 -07:00
Tom Eastep
a11e2dd452 Correct uninstall scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-02 06:48:23 -07:00
Tom Eastep
bb6e17fd3e Many changes involved in getting a relocated installations to work
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-01 10:47:24 -07:00
Tom Eastep
e48e13012c Fix up lib.base during installation
- Shorewall-core installer creates all necessary directories.
2012-04-01 08:16:07 -07:00
Tom Eastep
fead683f18 Modify init scripts if ${SHAREDIR} is non-standard
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-30 16:21:37 -07:00
Tom Eastep
0d19c99699 Correct default setting of CONFDIR when .shorewallrc is not found
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-28 06:28:53 -07:00
Tom Eastep
b31f656d63 Update uninstall scripts for multiple .shorewallrc locations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 16:19:40 -07:00
Tom Eastep
fd82877312 Another fix for init.sh
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 07:49:49 -07:00
Tom Eastep
2518c653af Modify RedHat/Fedora init scripts for shorewallrc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 07:20:31 -07:00
Tom Eastep
877796a7ca Add shorewallrc processing to other CLI programs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 22:14:01 -07:00
Tom Eastep
eb118e4443 Add shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 13:05:39 -07:00
Tom Eastep
7bc823fb8b Support 'kerneltz'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 15:57:38 -07:00
Tom Eastep
15ca0fd1f0 Add IPSET_WARNINGS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 19:30:04 -07:00
Tom Eastep
b7465262ca Rename MARK/CLASSIFY column to ACTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 10:09:13 -07:00
Tom Eastep
ab13fbe95e Allow conditional compilation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 08:16:12 -07:00
Tom Eastep
3e9edcb7e8 Correct typos in accounting manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-14 14:50:25 -07:00
Tom Eastep
4ba88d2e9c Merge branch '4.5.1' 2012-03-14 11:00:56 -07:00
Tom Eastep
aa503e7211 Apply Tuomo Soini's Makefile patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-14 10:57:41 -07:00
Tom Eastep
98f8edbde5 Apply two patches from Tuomo Soini
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 13:27:20 -07:00
Tom Eastep
1dd6a8b291 Document use of chain designators with DSCP and TOS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 13:26:29 -07:00
Tom Eastep
feb5cc0093 Document use of chain designators with DSCP and TOS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 13:25:37 -07:00
Tom Eastep
acb2e2a8ab Implement mss= in hosts file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-12 15:14:35 -07:00
Tom Eastep
fa9f8329b5 Apply two patches from Tuomo Soini
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-12 13:57:37 -07:00
Tom Eastep
48570227ba Big cleanup of TOS handling
- Validate settings/matches
- Allow setting in the tcrules file.
- Deprecate /etc/shorewall[6]/tos
2012-03-09 16:16:25 -08:00
Roberto C. Sanchez
87381a0f65 FIx typos 2012-02-24 23:02:30 -05:00
Tom Eastep
7de961ebfe Fix broken init scripts.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 13:16:12 -08:00
Tom Eastep
d5af9c360d Implement FORMAT-2 interfaces file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 11:23:58 -08:00
Tom Eastep
a1ec1dc178 Add DSCP match support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 08:47:48 -08:00
Tom Eastep
58f0425d4a Correct a typo in the blrules manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-17 15:33:45 -08:00
Tom Eastep
b462503527 Merge branch '4.5.0' 2012-02-05 07:26:39 -08:00
Tom Eastep
7887def6ad Move manpages directories to their respective product directories
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-05 07:09:27 -08:00
Tom Eastep
6cf7a98eeb Move Samples into the corresponding product directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-04 17:18:55 -08:00
Tom Eastep
aeac7cacb0 Make shorewall-init work again.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-20 09:10:13 -08:00
Tom Eastep
25d45dedfc Add STARTOPTIONS and RESTARTOPTIONS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-16 10:03:13 -08:00
Tom Eastep
93bd0b59a8 Load lib.base from lib.cli
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-14 14:17:06 -08:00
Tom Eastep
4c2df6fea7 Rename route_rules to rtrules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-09 06:38:55 -08:00
Tom Eastep
6f5ab698b4 Add a PROBABILITY column to the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-06 12:54:37 -08:00
Tom Eastep
9353788285 Correct uninstall scripts for Shorewall and Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-04 08:07:27 -08:00
Tom Eastep
e545bf4f04 Unify install files between Shorewall and Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-03 16:35:41 -08:00
Tom Eastep
a39f4699dc Update versions and copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-02 07:43:13 -08:00
Tom Eastep
48a59e032e Add Shorewall-common
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-01 20:30:09 -08:00
Tom Eastep
53451bdaa6 Remove BLACKLIST section from rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-27 15:32:49 -08:00
Tom Eastep
c03fe0a076 Implement USE_LOGICAL_NAMES.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-20 16:03:56 -08:00
Tom Eastep
3e72442954 Convert sample notrack files to FORMAT 2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-20 14:38:44 -08:00
Tom Eastep
74cee48bc0 Change /sbin/shorewall6 back into a file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-19 15:52:42 -08:00
Tom Eastep
d4957696d1 Update man pages and sample files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 17:45:09 -08:00
Tom Eastep
299701e466 Make /sbin/shorewall6 a symbolic link
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 10:21:33 -08:00
Tom Eastep
e7d2b1d4ed Consolidate the lib.common files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 09:19:48 -08:00
Tom Eastep
0138419cb7 Delete obsolete libs during install
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 12:28:31 -08:00
Tom Eastep
860ce45924 Delete redundant files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 11:22:22 -08:00
Tom Eastep
bc3782c3de Pass $CONFIG_PATH to compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-02 09:31:26 -08:00
Tom Eastep
3110f7c74a Add enable/disable commands to the CLIs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:25:51 -08:00
Tom Eastep
d27965a4d2 Enable 'update' in shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-30 08:12:49 -08:00
Tom Eastep
3581b2667e Don't install the blacklist file in /etc/shorewall[6]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-27 14:39:59 -08:00
Tom Eastep
4d30811794 Implement 'show marks'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 12:29:17 -08:00
Tom Eastep
86c51f24d9 Deprecate the old mark layout options.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 17:14:05 -08:00
Tom Eastep
9d56fcab89 Update Shorewall6 .conf files and manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 16:54:10 -08:00
Tom Eastep
73ed66b9b9 Add ULOG and NFLOG capabilities plus LOGMARK for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-12 14:10:48 -08:00
Tom Eastep
d053faadde Allow convertion of a legacy blacklist configuration
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-08 12:59:40 -08:00
Tom Eastep
6108a9cad8 Delete BLACKLISTSECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 14:46:14 -08:00
Tom Eastep
da7516d401 Update config files and manpages for BLACKLISTSECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 12:05:07 -08:00
Tom Eastep
755ed9859b Merge branch '4.4.25' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 2011-11-06 06:16:43 -08:00
Roberto C. Sanchez
cf8c30904d Add support for a "status" command to the Debian init scripts
(cherry picked from commit d36a2030ea)
2011-11-06 09:10:59 -05:00
Tom Eastep
38d1a2ada9 Add DropSmurfs and TCPFlags to the IPv6 actions.std file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-05 07:54:21 -07:00
Tom Eastep
d883e45f83 Correct 'start -f' with AUTOMAKE=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-05 07:54:05 -07:00
Tom Eastep
e236be37db Include the rawpost table in dump output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-05 07:52:40 -07:00
Tom Eastep
8b8140cc9f Add 'Basic Filter' capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-01 06:34:57 -07:00
Tom Eastep
3aac252645 Cleanup of IPv6 config files and manpages
- Add BLACKLIST section to IPv6 rules files.
- Add USE_DEFAULT_RT to the shorewall6.conf files and to the manpage.
2011-10-26 05:59:27 -07:00
Tom Eastep
54ba4ed879 Add MARK column to route_rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-23 07:56:53 -07:00
Tom Eastep
bf6ea13898 Update .service files with patch from Jonathan Underwood
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-12 06:13:15 -07:00
Tom Eastep
a077a9821d Implement rate estimation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-11 15:27:24 -07:00
Tom Eastep
e728d663f9 Implement IPTABLES_S capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 13:54:52 -07:00
Tom Eastep
76707d29ba Make find_first_interface_address() more lenient on IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 14:44:01 -07:00
Tom Eastep
caddd65412 Rename condition->switch and add more documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 12:33:55 -07:00
Tom Eastep
75b4540d26 Add support for condition match in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-21 15:20:50 -07:00
Tom Eastep
d005536fcc Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-20 16:20:34 -07:00
Tom Eastep
2749857eb2 Support 'shorewall6 show rawpost'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 06:57:57 -07:00
Tom Eastep
895d2f34c5 Externalize stateless NAT for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:27:05 -07:00
Tom Eastep
e59bb25225 Cosmetic change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-13 11:32:25 -07:00
Tom Eastep
8fe6425690 Correct DONT_LOAD
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-13 07:42:26 -07:00
Tom Eastep
149e697d71 Clarify routeback vs routefilter/sfilter in interfaces manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-07 11:12:43 -07:00
Tom Eastep
2285dce4d1 Fix debugging of ipv6 ruleset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-03 13:58:05 -07:00
Tom Eastep
058b746f57 Use /sys/module/ to speed up module loading
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-03 11:49:31 -07:00
Tom Eastep
bcb5d76c2f Remove QUOTA_MATCH code from Shorewall.6 lib.cli
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-26 12:56:51 -07:00
Tom Eastep
971adc3d5b Add support for serviced in the installers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-23 14:07:44 -07:00
Tom Eastep
33afe26a19 Add Redhat/Fedora init scripts from Jonathan Underwood
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-22 09:05:40 -07:00
Tom Eastep
4e15786156 Add copyright statements to the .service files 2011-08-22 06:53:04 -07:00
Tom Eastep
e6a6a1a609 Add .service files for systemd 2011-08-22 06:27:23 -07:00
Tom Eastep
24aacd67e6 Improve lockfile arguments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-21 11:28:45 -07:00
Tom Eastep
56addf3d4c Remove stale lock files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-21 10:53:24 -07:00
Tom Eastep
2963acee80 Remove stale lock files 2011-08-21 10:21:58 -07:00
Tom Eastep
bc706324e9 Add an ALL section to the rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-15 15:32:24 -07:00
Tom Eastep
0b2a8b12c7 Implement Stateless NAT support.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-14 12:01:17 -07:00
Tom Eastep
97121116a3 Add rawpost table detection
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-13 11:14:29 -07:00
Tom Eastep
4824c9b8ff Add QUOTA_MATCH capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-08 14:37:47 -07:00
Tom Eastep
35457f4e95 Remove she-bang from lib.*
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-03 07:54:46 -07:00
Tom Eastep
679de4ccf6 Apply Orion Poplawski's 'qtnoin' patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-02 16:51:49 -07:00
Tom Eastep
f675513383 Make 'build' work on a Mac
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-30 10:57:32 -07:00
Tom Eastep
a992ec594a Accomodate kernel version 3.0
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-27 17:03:27 -07:00
Tom Eastep
9661b445f2 Make install/uninstall files version independent
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-13 07:29:47 -07:00
Tom Eastep
b70666eaf6 Move .spec files to release/
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 10:07:08 -07:00
Tom Eastep
f977761980 Add modules.ipset to modules INCLUDEs.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-05 15:57:24 -07:00
Tom Eastep
cf5613441d Correct loading of xt_ipset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-05 15:57:14 -07:00
Tom Eastep
fb9e3a84c5 Correct check for new ipset match syntax
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-05 15:56:52 -07:00
Tom Eastep
95acabe97e Make load and reload use the .conf file in the CWD
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-05 15:56:38 -07:00
Tom Eastep
1c199a2644 Add semicolons in new actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 14:59:07 -07:00
Tom Eastep
20cee7649e Change quotes in action.Broadcast 2011-07-04 13:32:32 -07:00
Tom Eastep
fd44a53608 Correct Shorewall6 .spec file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 13:22:27 -07:00
Tom Eastep
a355141f40 Correct typo in .spec files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 13:13:52 -07:00
Tom Eastep
87870ad121 Add new actions to the .spec file 2011-07-04 13:01:49 -07:00
Tom Eastep
e1d8d71348 Version to 4.4.22 Beta 1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 09:36:54 -07:00
Tom Eastep
cb8d9e8e14 Update IPv6 standard default actions to use new parameterized actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 08:01:18 -07:00
Tom Eastep
caa0a12e8c Implement parameterized default actions for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 07:52:18 -07:00
Tom Eastep
901b71a85c Add new IPv6 Standard Actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 07:51:22 -07:00
Tom Eastep
610e742ab5 Add IPv6 action.Broadcast
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 07:00:58 -07:00
Tom Eastep
bd1d7d6f92 Don't quote the empty setting of LOGLIMIT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 15:55:45 -07:00
Tom Eastep
f96c32634c Make config file quoting more consistent with update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 15:55:27 -07:00
Tom Eastep
3e8c1f4e3c Add undocumented -c option to show and dump
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-29 11:48:23 -07:00
Tom Eastep
cbeebb6bf8 Bump version to 4.4.21.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-29 11:36:04 -07:00
Tom Eastep
fe2ef23f04 Correct install.sh
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 21:16:55 -07:00
Tom Eastep
f4acb5fa2f Install annotated and un-annotated config files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 15:13:40 -07:00
Tom Eastep
6f68ed5508 Initiate 4.4.21 RC 1 2011-06-23 16:23:52 -07:00
Tom Eastep
de7d95e7ff Rename 'ipset v4' -> 'ipset v5'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-23 06:36:35 -07:00
Tom Eastep
04d551d8ca Detect ipset V4 and use its syntax
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 16:43:42 -07:00
Tom Eastep
7b2cbf2449 Make 'show dynamic <zone>' work correctly with new ipset program
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 17:22:04 -07:00
Tom Eastep
44cbfd8f27 Correct defects found while unit testing IPv6 Dynamic Zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 13:33:25 -07:00
Tom Eastep
7753f798b0 Bump Version to Beta 3
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 10:09:53 -07:00
Tom Eastep
2769b09f64 Correct typeos in shorewall and shorwall6 2011-06-19 08:39:44 -07:00
Tom Eastep
4916610033 Rename upgrade => update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 07:14:27 -07:00
Tom Eastep
df2f7ec6a5 Implement 'upgrade' and delete the '-u' and '-a' options of 'check'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 17:39:44 -07:00
Tom Eastep
c7be1f1b38 Remove silly "#LAST LINE" from shorewall6.conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 13:14:55 -07:00
Tom Eastep
6f2cc31dde Implement .conf file upgrade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 13:03:55 -07:00
Tom Eastep
e5d8be5aa5 Bump version to Beta 2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 11:23:43 -07:00
Tom Eastep
10ae91b600 Delete deprecated options from the .conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-12 13:46:26 -07:00
Tom Eastep
8780aff7f2 Rename PLAIN->ANNOTATED 2011-06-12 09:45:50 -07:00
Tom Eastep
a0c5647c2a Re-add IPv6 ipset support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-12 06:22:18 -07:00
Tom Eastep
0e839f3d7b Initiate 4.4.21
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-07 09:54:35 -07:00
Tom Eastep
9fb2ab718c Have AUTOMAKE follow CONFIG_PATH
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-07 08:51:36 -07:00
Tom Eastep
642319d706 Change annotated documentation default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 15:40:21 -07:00
Tom Eastep
cfb3d6a801 Merge branch '4.4.20' 2011-06-06 14:09:26 -07:00
Tom Eastep
6136e986cf Update version to 4.4.20.1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 14:08:25 -07:00
Tom Eastep
447d0f0b2d Don't modify the .conf file installed in configfiles.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 09:46:52 -07:00
Tom Eastep
c42c6864b4 Don't modify the .conf file installed in configfiles.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 09:46:22 -07:00
Tom Eastep
2803d3ee0b Merge branch '4.4.20' 2011-06-06 07:02:57 -07:00
Tom Eastep
c2e78bfaf8 Correct address of the FSF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 06:55:40 -07:00
Tom Eastep
1e883c2fdf Merge branch '4.4.20' 2011-06-02 06:47:09 -07:00
Tom Eastep
086a99ea24 Don't initialize PLAIN
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-02 06:23:57 -07:00
Tom Eastep
468ff6efab First cut at IPSET/Dynamic-zone support in Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-31 11:23:43 -07:00
Tom Eastep
8df470b5f5 Version to 4.4.20 2011-05-31 09:30:18 -07:00
Tom Eastep
2dec3a8ecb Correct handling of AUDIT_TARGET is both cli libraries.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-30 11:39:21 -07:00
Tom Eastep
7c8191ddae Remove a pushd from the Shorewall6 installer 2011-05-30 08:43:34 -07:00
Tom Eastep
7b560eefe4 Allow compound options in the installers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-30 08:15:59 -07:00
Tom Eastep
a71136fd5a Rework configuration files for Shorewall and Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-29 14:34:18 -07:00
Tom Eastep
316b2b8e71 Add MACLIST_DISPOSITION shorewall6.conf manpage 2011-05-28 20:01:54 -07:00
Tom Eastep
60d9f48f15 Add MACLIST_* to shorewall6.conf 2011-05-28 19:52:39 -07:00
Tom Eastep
c81b4b0aea Add LOGRATE to shorewall6.conf 2011-05-28 19:48:46 -07:00
Tom Eastep
22278188dd Add LOGBURST to shorewall6.conf 2011-05-28 19:46:47 -07:00
Tom Eastep
6a37fa89e6 Remove duplicate RESTOREFILE 2011-05-28 19:43:45 -07:00
Tom Eastep
bc4f6eecce Install shorewall6.conf.default 2011-05-28 16:02:31 -07:00
Tom Eastep
839909e8ea Remove LOCKFILE from shorewall6.conf 2011-05-28 15:15:54 -07:00
Tom Eastep
6d3640dafc Alphabetize config files and sync files and manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-28 10:34:54 -07:00
Tom Eastep
790c96c90a Version to RC 1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-27 09:11:47 -07:00
Tom Eastep
0287d96aa2 Finish filtering implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-26 13:38:44 -07:00
Tom Eastep
e4d667ca6a Add routeback protection
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 17:07:31 -07:00
Tom Eastep
bbe165c3cf Bump version to Beta 5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 11:40:11 -07:00
Tom Eastep
0beb327f0a Rename audited actions and Macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 11:31:42 -07:00
Tom Eastep
84b844ae79 Implement -T option for compile and check
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 10:21:49 -07:00
Tom Eastep
ee98772349 Add -c to the start command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 09:13:02 -07:00
Tom Eastep
d4b2a462a2 Add audited actions to the .spec files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 07:30:46 -07:00
Tom Eastep
c5b38de69c Add Audited Standard IPv6 Default Actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 07:17:25 -07:00
Tom Eastep
016f7d9f2a Yet more shorewall/shorewall6 unification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 16:41:51 -07:00
Tom Eastep
471d405f7d Delete A_* from 'show actions' output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 16:41:08 -07:00
Tom Eastep
552ab52f92 More shorewall/shorewall6 unification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 16:17:09 -07:00
Tom Eastep
a64d882a36 Apply Ed W's first patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 14:36:21 -07:00
Tom Eastep
3ab35c65b0 Correct LEGACY_FASTSTART error messages in shorewall and shorwall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 11:24:52 -07:00
Tom Eastep
15e9e3182d Update copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 10:06:56 -07:00
Tom Eastep
31e74658c8 Update copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 09:51:51 -07:00
Tom Eastep
485a7fb29d Implement 'restart -c'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 06:39:26 -07:00
Tom Eastep
5d04c93a16 Implement LEGACY_FASTSTART option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 15:36:29 -07:00
Tom Eastep
981b503fa4 Bump version to Beta 4 2011-05-22 11:05:22 -07:00
Tom Eastep
db6091f101 Avoid dependence on 'make' 2011-05-22 09:47:57 -07:00
Tom Eastep
83cdf78b18 Replace A_* builtin actions with builtin targets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-21 15:02:04 -07:00
Tom Eastep
d15475efae Cleanup of AUDIT before Beta 3
- Correct merge snafus
- Rename the new actions (e.g., ADROP->A_DROP)
- Correct MACLIST_DISPOSITION logic
2011-05-20 07:47:35 -07:00
Tom Eastep
e9df13a42b Resolve merge conflicts 2011-05-19 15:10:22 -07:00
Tom Eastep
5e68dbfa9a Complete first attempt at AUDIT support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-19 12:06:43 -07:00
Tom Eastep
d2ab27c071 More AUDIT changes 2011-05-18 21:25:57 -07:00
Tom Eastep
ce8df2f66c Revert "Bump version to Beta 3"
This reverts commit 465e729288.
2011-05-18 17:50:12 -07:00
Tom Eastep
465e729288 Bump version to Beta 3 2011-05-18 17:08:07 -07:00
Tom Eastep
568e54b50d Update version to Beta 2 2011-05-18 09:58:35 -07:00
Tom Eastep
fd70e73d34 Add ACCOUNTING_TABLE option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-17 12:51:33 -07:00
Tom Eastep
11ff245697 Don't generate refresh rules unless the command is 'refresh'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-16 13:08:32 -07:00
Tom Eastep
f75961dc63 Ensure absolute path name in LIBEXEC and PERLLIB
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-14 05:31:19 -07:00
Tom Eastep
9ba9d40b77 More LIBEXEC/PERLLIB fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-12 07:42:09 -07:00
Tom Eastep
7994c82c1b Fix PERLLIB on Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-12 06:27:12 -07:00
Tom Eastep
cdf2014ce2 Apply Togan's patch with fixes
/sbin/shorewall and /sbin/shorewall6 modified
	uninstallers modified
	Additional installer changes

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-04-17 11:20:26 -07:00
Tom Eastep
aca5b33858 Backout my start for a fix for Togan's patch 2011-04-17 09:06:13 -07:00
Tom Eastep
97b7856380 Reverse Togan's patch -- it is woefully incomplete
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-04-17 07:55:30 -07:00
Tom Eastep
46191c9f87 Re-bump versions 2011-04-16 09:15:29 -07:00
Tom Eastep
1430856164 Re-apply Togun's Patch 2011-04-16 08:51:19 -07:00
Tom Eastep
1a0388080f Initiate 4.4.20
Update versions
    Update release documents
    Apply Togan Muftuoglu's change to increase installation flexibility
2011-04-16 08:31:46 -07:00
Tom Eastep
9a8f411531 Update version to 4.4.19.1 and document corrected problems 2011-04-13 17:22:07 -07:00
Tom Eastep
1be89edb49 Version to 4.4.19 2011-04-09 07:58:13 -07:00
Tom Eastep
f62287ccbf Correct output noise in the output of 'shorewall6 show connections' - take 2 2011-04-04 09:14:22 -07:00
Tom Eastep
66dd89234f Correct output noise in the output of 'shorewall6 show connections' 2011-04-04 09:13:17 -07:00
Tom Eastep
db7ddcc492 Correct typo in shorewall6 installer 2011-04-04 08:50:25 -07:00
Tom Eastep
c1160ec076 Version to RC1 2011-04-03 15:54:36 -07:00
Tom Eastep
8609c97d1c Version to Beta 5 2011-04-03 10:30:33 -07:00
Tom Eastep
86f4d3bad6 Revert "Set version RC1"
This reverts commit ae9558c7c6.
2011-04-03 10:28:20 -07:00
Tom Eastep
ae9558c7c6 Set version RC1 2011-04-03 10:04:53 -07:00
Tom Eastep
cc633c5bd9 Shorewall 4.4.19 Changes 2011-04-03 09:56:30 -07:00
Tom Eastep
6fe64e3dfa Update to 4.4.18.1 2011-03-19 14:22:52 -07:00
Tom Eastep
f5d06024fc Bump version to 4.4.18.1 2011-03-13 07:56:12 -07:00
Tom Eastep
1bbd963c3f Bump version to 4.4.18 2011-03-02 07:43:03 -08:00
Tom Eastep
428e898bfe Update version to RC1 2011-02-28 15:24:04 -08:00
Tom Eastep
052bc87bd5 Set version to Beta 4 2011-02-20 09:20:43 -08:00
Tom Eastep
b90ea8a9e0 Change default for MODULE_PREFIX 2011-02-20 08:52:07 -08:00
Tom Eastep
30768a03d1 Bump version to Beta 3 2011-02-19 08:55:28 -08:00
Tom Eastep
983f6a231e Version to Beta 2 2011-02-13 11:43:37 -08:00
Tom Eastep
ab8951f9d8 Correct syntax error in Shorewall6 install.sh: 2011-02-06 09:39:30 -08:00
Tom Eastep
2c2fdab0fe Rename USE_LOCAL_MODULES to EXPORTMODULES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-02-06 08:42:35 -08:00
Tom Eastep
946602bc1c Modules file breakup for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-02-06 08:15:50 -08:00
Tom Eastep
88bce4100a Initiate 4.4.18 2011-02-05 16:41:34 -08:00
Tom Eastep
06803b6e5f Properly secure helper and modules files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-02-05 16:12:43 -08:00
Tom Eastep
68ccac08cd Add sch_tbf to modules and add several modles to the Shorewall6 modules file 2011-02-04 10:46:40 -08:00
Tom Eastep
ea2c72d1b1 Prepare for 4.4.17 2011-02-04 06:44:02 -08:00
Tom Eastep
c44283d088 Add IPv6 tcfilters file 2011-02-03 08:40:39 -08:00
Tom Eastep
6fc8152464 Update version to RC 1 2011-01-30 11:30:45 -08:00
Tom Eastep
70fc8bdfb6 Add support for per-IP accounting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-01-30 07:20:05 -08:00
Tom Eastep
4cc8e5422d Add ACCOUNT target detection 2011-01-30 07:14:08 -08:00
Tom Eastep
ab39b977e0 Version to Beta 3 2011-01-28 16:52:22 -08:00
Tom Eastep
a2b440b093 Add USE_LOCAL_MODULES option 2011-01-22 08:13:17 -08:00
Tom Eastep
9d06125129 Bump Version to Beta 2 2011-01-19 15:38:51 -08:00
Tom Eastep
e9b3cd5b57 Run updaterc.d out of uninstall on Debian-based systems 2011-01-16 13:09:02 -08:00
Tom Eastep
08f09d7de0 Deprecate EXPORTPARAMS 2011-01-09 10:12:36 -08:00
Tom Eastep
bdbc9ab29d Initiate 4.4.17 2011-01-08 08:00:56 -08:00
Tom Eastep
33b54e4ebe Version to 4.4.16 2011-01-03 09:00:39 -08:00
Tom Eastep
cb751bd225 Remove extraneous change log entries 2010-12-30 10:02:39 -08:00
Tom Eastep
e3d1032ab3 Set version to Beta 8 2010-12-30 07:32:30 -08:00
Tom Eastep
d5ac12a8ff Bump version to RC 1 2010-12-27 07:49:52 -08:00
Tom Eastep
d4d285af39 Revert version to Beta 7 2010-12-26 09:01:15 -08:00
Tom Eastep
c6e35be8bc Update version to RC 1 2010-12-22 14:37:10 -08:00
Tom Eastep
c63bb70585 Bump version to Beta 6 2010-12-20 13:17:35 -08:00
Tom Eastep
6506fe8cb7 Update action.template for 4.4.16 2010-12-13 21:11:38 -08:00
Tom Eastep
48b00d719e Complete Proxy NDP implementation 2010-12-11 10:04:07 -08:00
Tom Eastep
fc6dbb3d56 Bump version to Beta 4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-10 06:53:36 -08:00
Tom Eastep
b9ee064284 Update version to Beta 4 2010-12-04 11:40:34 -08:00
Tom Eastep
19f40ab721 Bump version to Beta 3 2010-12-03 13:43:46 -08:00
Tom Eastep
5458d9367f Bump version and document bug catcher 2010-12-03 09:17:26 -08:00
Tom Eastep
cae5ddc7e0 Initiate 4.4.16 2010-11-30 17:30:11 -08:00
Tom Eastep
d5fc0150d0 Set version to 4.4.15 2010-11-26 09:49:40 -08:00
Tom Eastep
2702d7f208 Implement header matching 2010-11-24 10:46:06 -08:00
Tom Eastep
9427510e8f Update version to RC 1 2010-11-22 13:01:12 -08:00
Tom Eastep
2e4da207de Update version to Beta 3 2010-11-21 09:52:34 -08:00
Tom Eastep
4875be99c2 Move version_command() to where it belongs 2010-11-21 08:18:18 -08:00
Tom Eastep
5e1c8f8d2a Add DEVICE column to routes file 2010-11-17 08:35:20 -08:00
Tom Eastep
81e6e0889c Initiate Beta 2 2010-11-15 15:09:22 -08:00
Tom Eastep
69c3600107 Modernize processing of params file 2010-11-06 17:12:05 -07:00
Tom Eastep
d4f857f877 Update version to 4.4.15-Beta1 2010-10-30 07:12:03 -07:00
Tom Eastep
1db13849ab Clear VERBOSE and VERBOSITY at CLI startup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-28 15:17:37 -07:00
Tom Eastep
8758d3a834 Insure that VERBOSITY=0 when interrogating compiled script version
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-28 11:25:56 -07:00
Tom Eastep
1060b201dd Update version to 4.4.14 2010-10-23 21:40:22 -07:00
Tom Eastep
3ec6185f72 Run update-rc.d on Debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-13 08:42:35 -07:00
Tom Eastep
033d43b014 Implement undocumented dumpfilter extension file 2010-10-07 14:35:51 -07:00
Tom Eastep
f0ef27b3e5 Update version to RC1 2010-10-06 16:16:37 -07:00
Tom Eastep
cee05d9763 Refine -lite handling of scfilter.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 12:52:30 -07:00
Tom Eastep
ac71868cc1 Package the scfilter along with the generated script for -lite
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 10:59:15 -07:00
Tom Eastep
6e9fc12517 Update version to Beta 4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 09:31:11 -07:00
Tom Eastep
468af44876 Add support for 'scfilter' script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 09:15:58 -07:00
Tom Eastep
2fa7e11976 Add 'scfilter' extension script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 07:38:14 -07:00
Tom Eastep
0becb39202 Bump version to Beta 3
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-26 08:15:32 -07:00
Tom Eastep
f07ec1e9d3 Clean up untidiness where Shorewall6 tries to start on a system with an old kernel
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-25 08:46:14 -07:00
Tom Eastep
03161ed57d Bump version to 4.4.14 Beta 2 2010-09-23 19:33:37 -07:00
Tom Eastep
0f4d8eb929 Use 'conntrack' for 'show connections' 2010-09-23 19:08:40 -07:00
Tom Eastep
9d5642aedd Update Version to 4.4.14-Beta1 2010-09-21 11:34:26 -07:00
Tom Eastep
65de1e4e6e Re-add OPTIONS column to blacklist templates 2010-09-17 11:56:47 -07:00
Tom Eastep
af24baaecd Update version to RC1 (one more time) 2010-09-17 09:14:56 -07:00
Tom Eastep
e61230a3db Update version to Beta 6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-17 08:23:24 -07:00
Tom Eastep
1d650b41cd Remove blacklisting by destination IP address support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 15:24:58 -07:00
Tom Eastep
c4a40d8c7b Set version to RC1 (again) 2010-09-14 13:09:50 -07:00
Tom Eastep
33adbe7a27 Update documentation for net TC features 2010-09-13 13:51:25 -07:00
Tom Eastep
52592b4cfb Remove prog.*6 during installation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-12 10:07:07 -07:00
Tom Eastep
512cd7b08e Bump version to 4.4.13 RC 1 2010-09-11 15:46:14 -07:00
Tom Eastep
7dbd994f51 Update installers for secmarks 2010-09-07 07:56:11 -07:00
Tom Eastep
28ff3548ff Bump version to 4.4.13-Beta4 2010-09-04 15:30:02 -07:00
Tom Eastep
15d8d6d8b7 Add SECMARK and CONNSECMARK support 2010-09-04 15:12:08 -07:00
Tom Eastep
add76ed14e Bump version to 4.4.13 Beta 3
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-30 12:33:10 -07:00
Tom Eastep
57bcfee559 Add 'Mark in any table' capability 2010-08-27 08:35:33 -07:00
Tom Eastep
75e12148ac Bump version to Beta 2 2010-08-25 09:58:07 -07:00
Tom Eastep
fafb0dea73 Update version to 4.4.13-Beta1 2010-08-18 12:40:34 -07:00
Tom Eastep
633eba6c90 Set version to 4.4.12 2010-08-15 08:50:45 -07:00
Tom Eastep
72b8393c3a Fix AUTOMAKE=Yes 2010-08-14 07:32:53 -07:00
Tom Eastep
7281c9166e Record the config directory in the state file 2010-08-12 17:54:07 -07:00
Tom Eastep
0234564a1b Add destination IP blacklisting 2010-08-10 17:33:50 -07:00
Tom Eastep
8d4498c9b8 Update Version to 4.4.12 RC 1 2010-08-06 19:31:36 -07:00
Tom Eastep
364ad41cf5 Add support for new ipset match syntax 2010-08-03 21:06:17 -07:00
Tom Eastep
3ce8ff5741 Bump version to Beta 4 2010-08-01 16:10:32 -07:00
Tom Eastep
967629569b Taylor Universal config to work with Shorewall-init and streamline ruleset
- Make interface 'all' optional and set REQUIRE_INTERFACE=Yes
- Add COMPLETE option
- Set FASTACCEPT in Universal samples
- Reset SUBSYSLOCK in Universal samples

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-01 08:36:56 -07:00
Tom Eastep
0b9aa0f84b Fix the dump command 2010-07-31 13:52:28 -07:00
Tom Eastep
0b3dfcc844 Revert version to Beta 3 2010-07-31 13:23:53 -07:00
Tom Eastep
a639b75e36 Bump version to RC1 2010-07-29 11:40:15 -07:00
Tom Eastep
0c38ba815c Add LOGLIMIT to .conf files while deleting LOGRATE and LOGBURST 2010-07-27 06:44:10 -07:00
Tom Eastep
9bf06caa35 Bump version to Beta 2 2010-07-25 08:11:49 -07:00
Tom Eastep
2c6d1c8d14 Many fixes for Shorewall-init
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-23 09:26:47 -07:00
Tom Eastep
898274dd77 Syncronize shorewall-lite activities 2010-07-22 17:00:34 -07:00
Tom Eastep
8959245375 Update version to 4.4.12-Beta1 2010-07-21 20:35:36 -07:00
Tom Eastep
a29921c9d2 Reverse order of ICMPv6 and Multicast/anycast filtering 2010-07-13 13:03:55 -07:00
Tom Eastep
b52b7c422f Drop multicast and anycast in Drop and Reject actions 2010-07-12 16:44:34 -07:00
Tom Eastep
5a5546ef1b Set version to 4.4.11 2010-07-09 09:01:08 -07:00
Tom Eastep
74092a9b14 Restrict Shorewall6 netstat call to IPv6 only 2010-07-06 06:42:37 -07:00
Tom Eastep
ecd22d34fa Reword warning message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-05 13:15:13 -07:00
Tom Eastep
02fab09a14 Add PERL= option to shorewall.conf and shorewall6.conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-05 13:11:52 -07:00
Tom Eastep
898c3a045f Bump version to RC1 2010-07-05 07:08:06 -07:00
Tom Eastep
312624cef5 Fix NET3 bug (netmap) 2010-07-04 15:58:37 -07:00
Tom Eastep
2ee4fd8f5a Add FWMARK_RT_MASK capability.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-04 09:08:04 -07:00
Tom Eastep
5d1e19364a Bump version to Beta 3 2010-07-03 10:54:39 -07:00
Tom Eastep
db8dba66db Correct defect in the handling of 'trace' and 'debug'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-01 15:56:57 -07:00
Tom Eastep
64decb25fe Bump version to 4.4.11-Beta2 2010-07-01 07:08:11 -07:00
Tom Eastep
fc95cb8dc6 Run insserv when installed on Debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-26 07:34:34 -07:00
Tom Eastep
2d6647c445 Make 'shorewall6 show connections' more readable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-22 08:32:15 -07:00
Tom Eastep
055ac41a23 Make IPv6 log output readable 2010-06-21 15:38:47 -07:00
Tom Eastep
b3370dfd78 Initiate 4.4.11
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-06 13:36:45 -07:00
Tom Eastep
fdc3b698a9 Version to 4.4.10 (again) 2010-06-05 15:58:23 -07:00
Tom Eastep
0e995d65ac Version to 4.4.10-RC2 2010-06-04 16:19:15 -07:00
Tom Eastep
43afd03b9b Bump version to 4.4.10 2010-06-03 11:18:02 -07:00
Tom Eastep
f29b06ec07 Update .spec files to use DESTDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-01 07:18:37 -07:00
Tom Eastep
91840acb18 Remove unused RUNLEVELS variable from the install scripts.
Add some documentation

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-01 07:12:19 -07:00
Tom Eastep
fe55fa0f31 Rename PREFIX->DESTDIR
If DESTDIR is not supplied, look for PREFIX

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-01 06:42:11 -07:00
Tom Eastep
858a422da3 Extend 'version -a' behavior to all CLIs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-31 07:32:17 -07:00
Tom Eastep
d58480943a Bump version to 4.4.10 RC 1 2010-05-27 17:21:11 -07:00
Tom Eastep
e627e0ea76 Bump version to 4.4.10-Beta4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-26 16:47:49 -07:00
Tom Eastep
cdcb42ce9c Increment version to 4.4.10-Beta3.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-25 07:17:57 -07:00
Tom Eastep
3db31f2f65 Add SAFESTOP setting to /etc/default/shorewall*.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-25 07:16:02 -07:00
Tom Eastep
2d19cd1ebb Add options to readlink
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-24 06:37:02 -07:00
Tom Eastep
d32ed01cf0 Use readlink(1) where appropriate
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-23 13:37:26 -07:00
Tom Eastep
1d87fc0102 Update .spec files with virtual requires/provides
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-21 10:12:37 -07:00
Tom Eastep
4264524448 Bump Version to 4.4.10-Beta2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-20 14:13:38 -07:00
Tom Eastep
2a870088d8 Remove 'close' from CLI programs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-20 14:09:40 -07:00
Tom Eastep
ff388ca5c4 Detect the 'closed' state in the status command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-15 12:46:47 -07:00
Tom Eastep
a2758421ed Bump version to 4.4.10-Beta1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-13 17:03:14 -07:00
Tom Eastep
a04d8126e1 Finish implementing 'close'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-13 16:39:01 -07:00
Tom Eastep
74c515016e Add back stuff merged earlier: 2010-05-08 16:32:03 -07:00
Tom Eastep
679ad6cf04 Allow OS X to be an Administrative System
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-06 09:07:16 -07:00
Tom Eastep
13d5864f23 Update Shorewall6 mDNS macro.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-03 10:21:19 -07:00
Tom Eastep
fca404eeaf Update version to 4.4.9
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-03 10:02:02 -07:00
Tom Eastep
70c6a2cdf3 Update version to 4.4.9-RC2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-02 07:25:50 -07:00
Tom Eastep
6d61e962eb Use -m conntrack if available in place of -m state
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-25 13:35:41 -07:00
Tom Eastep
21e0c68ef2 Bump version to 4.4.9 RC1 2010-04-25 09:37:17 -07:00
Tom Eastep
fb2ddcee7b Bump Version to 4.4.9 Beta 5 2010-04-24 21:53:12 -07:00
Tom Eastep
6053352f8c A better fix for find_first_interface_address()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-23 20:06:45 -07:00
Tom Eastep
232fc21fe2 Allow find_first_interface_address[_if_any] to work properly in the params file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-23 11:54:36 -07:00
Tom Eastep
0dde75d345 Fix install scripts (again)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-19 13:08:03 -07:00
Tom Eastep
a0abb11f67 Extend 'show log <ipaddr>' to search for a regular expression.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-19 13:02:21 -07:00
Tom Eastep
21b44ac42b Change version to 4.4.9-Beta4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-16 07:25:53 -07:00
Tom Eastep
f7e48a94da Fix install scripts.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-15 09:39:21 -07:00
Tom Eastep
4365b83b15 Rationalize init logs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-10 11:46:50 -07:00
Tom Eastep
b20d5ec227 Delete remaining fallback scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-09 07:38:46 -07:00
Tom Eastep
56bc28a182 Prepare 4.4.9 Beta 3
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-09 07:32:21 -07:00
Tom Eastep
ab1a27ca2a Update version to 4.4.9 Beta 2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-08 13:14:51 -07:00
Tom Eastep
48692f5c4a Fix find_first_interface_address() in IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-07 14:38:56 -07:00
Tom Eastep
62c9cb7b36 Change 'first_install' tests
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-07 13:16:16 -07:00
Tom Eastep
3b317afb2f Add mDNS macro from Vincent Smeets.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-03 15:57:50 -07:00
Tom Eastep
427b14b21d Clean up file headers in the .conf files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-30 11:53:36 -07:00
Tom Eastep
6fc347b9be Prepare 4.4.9-Beta1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-20 07:06:47 -07:00
Tom Eastep
fae29bcf6f Change version to 4.4.8
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-19 10:17:32 -07:00
Tom Eastep
508475d80b Avoid panic among the user base by suppressing missing table error messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-19 10:10:20 -07:00
Tom Eastep
1177540fd8 Update version to RC2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-16 12:39:35 -07:00
Tom Eastep
07cba9e066 Bump version to RC1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-08 08:11:00 -08:00
Tom Eastep
efed2286b0 Move qt1() to lib.common
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-07 11:50:54 -08:00
Tom Eastep
4e18414fd7 Uninstall the logrotate scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-06 09:24:51 -08:00
Tom Eastep
88447bfc7d Avoid dropping first line of library source text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-06 08:45:21 -08:00
Tom Eastep
7557b4b5fb Update version to 4.4.8 Beta 3
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-06 07:41:29 -08:00
Tom Eastep
fe089ddc36 Don't copy headers in imported libraries
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-06 07:40:43 -08:00
Tom Eastep
bcfa98bf4d Remove extraneous comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-05 11:36:22 -08:00
Tom Eastep
117d79ec02 Remove duplicate declaration
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-05 11:33:43 -08:00
Tom Eastep
707ec67430 Corrections/additions to IPv6 shell libraries.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-05 07:59:03 -08:00
Tom Eastep
8e5114859c Only load lib.base and lib.cli (lib.base loads lib.common)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-05 06:51:13 -08:00
Tom Eastep
abb943bfb7 Do library consolidation on IPv6 and load lib.cli into shorecap.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-04 13:11:33 -08:00
Tom Eastep
3e4d9b3118 Rename lib.run -> lib.common 2010-03-04 12:13:41 -08:00
Tom Eastep
7757c0bc20 Rename lib.run to lib.common
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-04 09:54:56 -08:00
Tom Eastep
41d709b043 Allow 'get_script_version' to correctly handle point releases
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-04 09:40:48 -08:00
Tom Eastep
4c081e5998 Add lib.run
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-04 09:12:48 -08:00
Tom Eastep
1d52683af8 Don't display 'Old' capabilities that are not enabled.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 15:28:49 -08:00
Tom Eastep
a963c8f955 Don't export CONFDIR or SHAREDIR
Document CONFDIR, SHAREDIR and VARDIR
Add FILEMODE to the old reserved variable names

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 11:46:23 -08:00
Tom Eastep
3f73b3c408 Export *DIR variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 10:39:18 -08:00
Tom Eastep
c6981de0e5 Complete elimination of globals that are not .conf options
Documentation to follow

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 09:50:07 -08:00
Tom Eastep
ee74696747 IPv6 work to only export when necessary
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 08:59:58 -08:00
Tom Eastep
70296b4bd6 Some fixes for -lite changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 17:16:11 -08:00
Tom Eastep
78a39ccad5 Centralize exporting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 16:03:44 -08:00
Tom Eastep
cce4bf277a Reduce export usage; Allow PURGE and RESTOREFILE to be specified on the run-line
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 14:49:31 -08:00
Tom Eastep
2656a9b0c7 Eliminate use of PRODUCT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 12:34:36 -08:00
Tom Eastep
5613d0105a Remove all reliance on HOSTNAME
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 11:59:38 -08:00
Tom Eastep
3ea6f6792f Eliminate VERSION reserved variable name
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 08:02:10 -08:00
Tom Eastep
53c73bc8e9 Eliminate VERBOSE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-28 17:58:01 -08:00
Tom Eastep
5d840e336a Rectify anachronistic README files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-28 17:30:52 -08:00
Tom Eastep
91a14b4e82 Make -s the default on Debian; Issue message when installing in a distro-specific way
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-28 09:15:11 -08:00
Tom Eastep
d2992c21f4 Update version to Beta 2 2010-02-28 09:04:37 -08:00
Tom Eastep
3c4b41fbe0 Implement -s option in the major installers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-27 11:48:39 -08:00
Tom Eastep
061d850c16 Rename RESTOREPATH to g_restorepath
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-26 08:35:50 -08:00
Tom Eastep
cd2056f0aa Apply the preceding change to Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-23 17:01:44 -08:00
Tom Eastep
bffb1793d7 More global variable renaming
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-23 07:52:35 -08:00
Tom Eastep
b2350829b9 Rename 'debugging' to 'g_debugging'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-22 16:43:38 -08:00
Tom Eastep
20ca22d437 Eliminate some of the all-caps variable name restrictions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-22 08:23:17 -08:00
Tom Eastep
6165a50e49 Apply debian init script change to the other packages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-21 16:42:02 -08:00
Tom Eastep
e690303937 Modify Roberto's patch for 'show <chain>' error reporting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-20 19:09:54 -08:00
Roberto C. Sanchez
6a3b2b0dee Clarify error message when user asks shorewall to show a non-existent chain 2010-02-20 21:57:45 -05:00
Tom Eastep
5d08d51fe5 Add $remote_fs to Required-Start and Required-Stop for Debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-15 08:39:50 -08:00
Tom Eastep
ea5a6c79bc Bump CAPVERSION 2010-02-11 16:22:47 -08:00
Tom Eastep
5a96771e07 Start 4.4.8 Beta 1 2010-02-11 15:46:57 -08:00
Tom Eastep
b35f20b403 Avoid CAPVERSION bump to implement FLOW_FILTER detection
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-11 07:29:41 -08:00
Tom Eastep
b8c195f570 Accurately detect 'flow' availability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-10 14:50:26 -08:00
Tom Eastep
11a2ec9f7c Update version to 4.4.7 2010-02-05 16:40:48 -08:00
Tom Eastep
096fb29203 DEBUG and PURGE -- take 2.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-02 13:57:50 -08:00
Tom Eastep
1d8a7ad09f Clear DEBUG and PURGE shell variables
Delete a blank line

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-02 13:55:29 -08:00
Tom Eastep
753eb97667 Update version to 4.4.7 RC2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-02 10:30:53 -08:00
Tom Eastep
be117f6638 Remove traffic shaping modules from 'helpers'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-27 10:37:42 -08:00
Tom Eastep
c05c1a6f50 Update version to 4.4.7 RC1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-27 06:58:44 -08:00
Tom Eastep
fb007bc1c7 Bump version to Beta 4 2010-01-25 12:25:01 -08:00
Tom Eastep
e14d48c2cf Bump version to 4.4.7-Beta3
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-22 16:46:29 -08:00
Tom Eastep
5d5bdfc996 Remove -common from Shorewall6 installer.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-22 10:59:05 -08:00
Tom Eastep
f283c37b1c Add helpers file to shorewall6.spec
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-22 10:41:37 -08:00
Tom Eastep
199a50e1c7 Update version to 4.4.7 Beta 2
Add problems corrected to the release notes.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-22 10:35:27 -08:00
Tom Eastep
8f85c75264 Implement LOAD_HELPERS_ONLY for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-21 15:49:44 -08:00
Tom Eastep
a7d4207bf5 Add TC_PRIOMAP to shorewall*.conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-21 10:38:32 -08:00
Tom Eastep
5cc2edf15a Add the new tc files to the repository
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-18 09:03:05 -08:00
Tom Eastep
4453bb7dc8 More updates from 4.5 2010-01-17 16:18:44 -08:00
Tom Eastep
eb790c6d89 Add IPMARK and TPROXY modules to load list 2010-01-17 15:51:19 -08:00
Tom Eastep
f072c10b18 Set version to 4.4.7 Beta1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-17 09:10:48 -08:00
Tom Eastep
07cdb8ca82 Backport TPROXY from 4.5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-17 08:12:44 -08:00
Tom Eastep
d5cc302ad9 Start 4.4.7
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-16 08:11:13 -08:00
Tom Eastep
ebf1e55609 Version to 4.4.6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-13 15:38:19 -08:00
Tom Eastep
555133fa3c Bump version to 4.4.6-Beta2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-13 10:14:31 -08:00
Tom Eastep
38b8a8a7fd Allow Shorewall6 to display the tc config of one interface
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 19:09:46 -08:00
Tom Eastep
db2a1fe749 Add lib.cli changes to 4.4.6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 18:57:04 -08:00
Tom Eastep
f69a741691 Port Simplified TC to 4.4.6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 17:01:20 -08:00
Tom Eastep
7e183e8eb4 Change version to 4.4.6-Beta1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 15:57:55 -08:00
Tom Eastep
4420eed8d7 Allow users to preview the generated ruleset.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 15:32:50 -08:00