Tom Eastep
a7cacdfee3
Allow SAVE and RESTORE in the INPUT chain
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-20 08:09:09 -08:00
Tom Eastep
28ac76bde4
Add tinc tunnel support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-13 13:28:37 -08:00
Tom Eastep
83431514fb
Add Tinc macro
...
- From Răzvan Sandu
2015-01-13 07:05:15 -08:00
Tom Eastep
111c454193
Make leading SHELL case-sensitive
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-13 07:04:20 -08:00
Tuomo Soini
b06ba536e9
macro.Zabbix: This macro handles Zabbix monitoring software server traffic to agent
...
and trap traffic from agent to zabbix server.
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-01-13 13:51:00 +02:00
Tom Eastep
97846e14de
Correct handling of ipsets in one of the PORTS columns
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-09 09:28:08 -08:00
Tom Eastep
07c21b8968
Add 'primary' provider option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-06 09:06:27 -08:00
Tom Eastep
668759edad
Catch parameter problems with TARPIT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-04 11:09:39 -08:00
Tom Eastep
0f1f54b57b
Tweak loopback change
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-04 11:00:02 -08:00
Tom Eastep
60d5a177a3
Use the 'Iface Match' capability for loopback traffic.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-04 09:46:39 -08:00
Tom Eastep
3ed5ced581
Correct syntax error introduced in Beta 2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-04 08:35:33 -08:00
Tom Eastep
086f8b6073
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2015-01-03 13:23:00 -08:00
Tom Eastep
fa377df9dc
Fix installer's use of the DIGEST environmental variable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-03 13:22:06 -08:00
Tom Eastep
7dd9ccd06b
Add the 'loopback' interface option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-03 09:22:40 -08:00
Tom Eastep
33e2e19193
Always set IP
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 09:28:50 -08:00
Tom Eastep
4a4bfe77ce
Implement IFACE_MATCH capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 09:05:06 -08:00
Tom Eastep
3890b8a884
Infrastructure for detecting loopback interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-02 08:49:38 -08:00
Tom Eastep
551a16d18f
Document TARPIT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-01 09:14:00 -08:00
Tom Eastep
d1b597394f
Correct typo (TARPIT_MATCH -> TARPIT_TARGET)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-30 10:22:33 -08:00
Tom Eastep
15a2fd14f9
Implement TARPIT target
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-28 15:23:30 -08:00
Tom Eastep
f96baca780
Use the readable representation of the SHA1 digest in the chain table
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-27 11:13:10 -08:00
Tom Eastep
1b5f439609
Rewrite 'process_actions'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-27 09:28:02 -08:00
Tom Eastep
1655054de2
Rename 'externalize' to 'external_name'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-27 09:19:00 -08:00
Tom Eastep
89877ed3f7
Rename 'policy_rules' to 'add_policy_rules'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 15:58:13 -08:00
Tom Eastep
9649107a8e
Rename 'apply_policy_rules' to 'complete_policy_chains'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 15:53:50 -08:00
Tom Eastep
33eb47a48a
Reorder parameters and change identifiers in set_policy_chain()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 15:47:50 -08:00
Tom Eastep
93285e2798
Cleanup of preceding fix
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 14:05:43 -08:00
Tom Eastep
2430796495
Document the -c option of 'show routing'
...
Correct choice in show commands to 'req'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 12:15:28 -08:00
Tom Eastep
06ef7596cd
Document the -c 'dump' option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 11:57:24 -08:00
Tom Eastep
227db0cfa7
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2014-12-23 15:37:38 -08:00
Tom Eastep
c0f7d0e65d
Start firewall after the network-online target has been reached
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-23 15:37:22 -08:00
Tom Eastep
ba806379f4
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2014-12-23 15:36:56 -08:00
Tom Eastep
6a15cead52
Cosmetic/commentary changes to the Config Module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-23 15:25:20 -08:00
Tom Eastep
f925358872
Minor Compiler Reorganization
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-23 12:27:37 -08:00
Tom Eastep
52d2e62274
Convert two macros to Format 2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-22 08:36:34 -08:00
Tom Eastep
56e8068f3d
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2014-12-20 15:12:44 -08:00
Tom Eastep
35fc7b34b8
Minor code tweak
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-20 15:09:21 -08:00
Tom Eastep
fdf513fba6
Correct font in mangle manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-19 14:26:20 -08:00
Tom Eastep
79430673b8
Correct handling of duplicate states in the mangle file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-16 19:08:25 -08:00
Tom Eastep
695db284c0
Improve Mark Range Implementation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-15 11:19:23 -08:00
Tom Eastep
807b9ca627
Revert "Improve handling of mark ranges"
...
This reverts commit 62f480897e
.
2014-12-15 09:39:24 -08:00
Tom Eastep
62f480897e
Improve handling of mark ranges
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-14 09:13:41 -08:00
Tom Eastep
2d7025dcc3
Correct mark range handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-13 08:31:31 -08:00
Tom Eastep
a833815b31
Correct IPv6 handling of LOG_BACKEND=LOG
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 08:56:42 -08:00
Thomas D
664e3bb0a8
Installer: $INITDIR already starts with a "/", so no need for, "$DESTDIR/$INITDIR"
...
Hi,
before the patch (DESTDIR = "/tmp/shorewall-4.6.5"; INITDIR =
"/etc/init.d"),
> [...]
> SysV init script init.gentoo.sh installed in /tmp/shorewall-4.6.5//etc/init.d/shorewall-lite
after the patch
> [...]
> SysV init script init.gentoo.sh installed in /tmp/shorewall-4.6.5/etc/init.d/shorewall-lite
-Thomas
From e7a192397323bb6cb66d08a6f24e7edfee044f31 Mon Sep 17 00:00:00 2001
From: Thomas D <whissi@whissi.de>
Date: Sat, 15 Nov 2014 16:38:05 +0100
Subject: [PATCH] $INITDIR already starts with a "/", so no need for
"$DESTDIR/$INITDIR"
Before the patch (DESTDIR = "/tmp/shorewall-4.6.5"; INITDIR = "/etc/init.d"),
> [...]
> SysV init script init.gentoo.sh installed in /tmp/shorewall-4.6.5//etc/init.d/shorewall-lite
after the patch
> [...]
> SysV init script init.gentoo.sh installed in /tmp/shorewall-4.6.5/etc/init.d/shorewall-lite
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-15 07:55:14 -08:00
Tom Eastep
9241552c52
Make emacs sh-mode work better with lib.core
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-14 16:28:44 -08:00
Tom Eastep
16c1809ef2
Apply Alan Barrett's dhclient patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-14 13:39:23 -08:00
Tom Eastep
7100af5380
Correct .service files
...
- Make them match earlier versions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-11 18:05:04 -08:00
Tom Eastep
c4171a92f6
Change spacing in shorewall[6] usage output
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-10 07:38:58 -08:00
Thomas D
a5b2886ae9
Patches for shorewall manpage
...
Hi,
I corrected some errors in the manpages. I started with "shorewall".
Tom, please tell me if you like this format and the patches at all.
If you like them, I can send you a similar patch set for shorewall6, too.
-Thomas
From 2aaeaa4f2da7aae92177ced0530f1deff86f44a9 Mon Sep 17 00:00:00 2001
From: Thomas D <whissi@whissi.de>
Date: Sun, 9 Nov 2014 15:45:29 +0100
Subject: [PATCH 11/14] The "-i" option from the "reload" command wasn't marked
as an option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-09 07:40:59 -08:00
Tom Eastep
9a6047b3c4
Correct reversed naming of SHA chains
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-06 08:18:52 -08:00
Tom Eastep
6f5de7ef3f
Add now logging modules to the modules files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-05 16:19:30 -08:00
Tom Eastep
5b4e3bc07c
Accomodate new module names for LOG_BACKEND
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-05 12:51:24 -08:00
Tom Eastep
dc3f163e71
Change the names of the sha1 chains for uniqueness
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-04 17:54:38 -08:00
Tom Eastep
2f545012a6
More documentation updates for -C
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 09:25:58 -08:00
Tom Eastep
c97226c46c
Correct behavior of 'start -fC'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 09:25:23 -08:00
Tom Eastep
8c0c1bd1e0
Omit the 'shorewall' chain from .ip[6]tables-restore-input
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 08:16:47 -08:00
Tom Eastep
8b825c4c4c
Avoid failure of ip[6]tables-restore.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 07:56:05 -08:00
Tom Eastep
4493b2ab6b
Correct typo in 'rules' manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 06:50:40 -08:00
Tom Eastep
9598ac6fad
Correct a couple of problems with -C
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 10:09:04 -07:00
Tom Eastep
8fb73026c8
Replace SAVE_COUNTERS with the -C command option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 09:37:57 -07:00
Tom Eastep
4546cbaff7
Use chains with names derived from a digest to identify ruleset
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-31 11:36:53 -07:00
Tom Eastep
a83c146636
Cleanup
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 20:27:06 -07:00
Tom Eastep
2ffc97867c
Correct syntax error in the generated script
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 19:59:20 -07:00
Tom Eastep
f08803e293
Preserve counts on 'restart' without compilation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 18:38:45 -07:00
Tom Eastep
b7ab82dba4
Implement -f option in the -lite products' start command
...
- Remove 'recover' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:42:39 -07:00
Tom Eastep
113f95c11e
Provide STARTOPTIONS and RESTARTOPTIONS in all cases
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:22:39 -07:00
Tom Eastep
3454e10525
Add SAVE_COUNTERS option.
...
- Also implement recover command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 08:57:56 -07:00
Tom Eastep
edc30fcc8d
Process the params file with SHOREWALL_SHELL
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-29 12:22:00 -07:00
Tom Eastep
85e5669fc7
Rename function interface_up() to interface_enabled()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-27 18:38:22 -07:00
Tom Eastep
055fceb82f
Update policy manpages for duel limits
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-22 12:27:27 -07:00
Tom Eastep
f5bdc9e7f4
Allow two limits in the RATE LIMIT columns
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-22 11:21:43 -07:00
Tom Eastep
b60d6dd6e5
Avoid duplicate module loads
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-20 10:42:53 -07:00
Tom Eastep
2784e93307
Load xt_LOG in both helpers files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:36 -07:00
Tom Eastep
90d1e41dcb
Correct IPv4 Helpers file
...
- Change xt_ULOG to ipt_ULOG
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:29 -07:00
Tom Eastep
49218a4d28
ipt_LOG in helpers file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-15 18:07:09 -07:00
Tom Eastep
e3b10343a5
Change SYSTEMDDIR to SERVICEDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-13 11:56:26 -07:00
Tom Eastep
286bc50bb3
Remove 'optional' from the Universal interfaces file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-13 08:07:14 -07:00
Tom Eastep
42363da458
Add new .service files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-09 10:00:53 -07:00
Tom Eastep
c5074bddb2
Rename the .service files to .service.214
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-09 09:45:52 -07:00
Tom Eastep
12458d111a
Adjust the .service files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-08 17:28:22 -07:00
Tom Eastep
815e93e80c
Rename SYSTEMD to SYSTEMDDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 16:46:16 -07:00
Tom Eastep
3bae6e61cf
Eliminate syntax errors in the generated script
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 07:53:26 -07:00
Tom Eastep
5204cbc95f
Suppress 'No ipsets were saved' warning when SAVE_IPSETS=No
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 07:50:12 -07:00
Tom Eastep
ea1b8ac63a
Correct handling of empty LOG_BACKEND
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 07:34:55 -07:00
Tom Eastep
3206021278
Another round of uninstall fixes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-04 13:50:39 -07:00
Tom Eastep
8571e0dca0
Another round of uninstall fixes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-04 13:29:51 -07:00
Tom Eastep
9dc2bba025
More uninstall corrections.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-04 09:39:03 -07:00
Tom Eastep
2fce05b3ab
Correct a couple of errors
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-04 09:11:29 -07:00
Tom Eastep
00b0489047
Implement SANDBOX variable in the installers/uninstallers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-04 07:50:30 -07:00
Tom Eastep
f9a21bd90e
Add -n option to the uninstallers.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-03 17:10:36 -07:00
Tom Eastep
8a5e71a56f
Implement the -n option in the installers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-03 07:59:41 -07:00
Tom Eastep
483ea3e437
Create INITDIR in -lite installs.
...
- Also don't link the init script if it isn't installed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-02 17:42:08 -07:00
Tom Eastep
2ec3adcc44
Don't link the init script if SYSTEMD is set.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-02 16:23:26 -07:00
Tom Eastep
820c769499
Correct silly bug in last change
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-29 07:08:39 -07:00
Tom Eastep
e6b0666ac9
Save ipsets during normal stop (duh)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 18:43:11 -07:00
Tom Eastep
2a463e06aa
More documentation changes regarding SAVE_IPSETS.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 17:10:45 -07:00
Tom Eastep
3174454300
Correct SAVE_IPSETS logic in Config.pm
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 14:38:01 -07:00
Tom Eastep
ce1c367d1d
Re-commit the fix that saves only the appropriate family
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 14:09:20 -07:00
Tom Eastep
3e2c903a41
Revert "Only save ipsets of the proper family"
...
This reverts commit b053cab630
.
2014-09-28 13:32:32 -07:00
Tom Eastep
b053cab630
Only save ipsets of the proper family
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 12:58:52 -07:00
Tom Eastep
6f7d063921
Remove the target file before saving ipsets in the savesets command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 11:53:52 -07:00
Tom Eastep
3858683e94
Allow saving a specified list of ipsets
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 11:19:41 -07:00
Tom Eastep
38a18ac9ac
Allow indefinite alternative to 'yes' and 'no'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-27 15:06:18 -07:00
Tom Eastep
a09484356c
Support 'yes', 'no, <other> values for simple config options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-27 07:57:46 -07:00
Tom Eastep
bc8588a68e
Fix rule numbers in trace output
...
- Don't increment $number needlessly when not tracing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-27 07:57:09 -07:00
Tom Eastep
10df9d31c4
Correct typo in the actions manpages (4.6.5 s/b 4.6.4).
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-25 14:47:27 -07:00
Tom Eastep
4989f694cd
Correct trace output
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-25 14:47:00 -07:00
Tom Eastep
053df2a5fb
Go back to original insert_irule() fix.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-25 09:21:20 -07:00
Tom Eastep
976a1f3deb
Merge branch '4.6.3'
...
Conflicts:
Shorewall/Perl/Shorewall/Misc.pm
2014-09-25 08:06:16 -07:00
Tom Eastep
ea40068c10
Fix ADMINISABSENTMINDED=No used with stoppedrules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-25 08:03:35 -07:00
Tom Eastep
56649e2183
Don't compile routestopped during check if there is stoppedrules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 19:24:13 -07:00
Tom Eastep
520d21c056
Another tweak to LOG_BACKEND
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 17:12:05 -07:00
Tom Eastep
540eff24aa
Correctons to LOG_BACKEND implementation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 16:35:41 -07:00
Tom Eastep
580e00dabd
Implement LOG_BACKEND option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 15:26:13 -07:00
Tom Eastep
4815f7eba3
Correct warning message in stoppedrules processing.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 11:05:15 -07:00
Tom Eastep
a7b57ad32c
Clarify iptrace logging.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 09:14:38 -07:00
Tom Eastep
ba7f88c912
Re-apply 'terminating' changes to the actions manpages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-23 09:33:57 -07:00
Tom Eastep
7481514a97
Implement the 'terminating' action option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-23 09:29:13 -07:00
Tom Eastep
20c68dddf2
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2014-09-23 09:24:44 -07:00
Tom Eastep
35e60aa10c
Fix actions manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-23 09:24:32 -07:00
Tom Eastep
1f5439257a
Revert "Implement the 'terminating' action option"
...
This reverts commit 6851744cb7
.
2014-09-23 07:39:25 -07:00
Tom Eastep
4495ed687b
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2014-09-23 07:10:46 -07:00
Tom Eastep
d97d45f4ad
Merge branch '4.6.3'
2014-09-23 07:10:17 -07:00
Tuomo Soini
a03f00bf0f
systemd services: multi-user is not same as old runlevel 3 so use basic
...
add conflicts to obviously conflicting services
remove old version number from init files
remove legacy syslog.target which is not needed on modern systems
fix formatting of email address onold Copyright text
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-09-23 16:44:03 +03:00
Tuomo Soini
8f05d0f16d
install.sh: support install on centos7 and foobar7
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-09-23 13:19:09 +03:00
Tom Eastep
f9d98b74a2
Merge branch '4.6.2' into 4.6.3
...
Conflicts:
Shorewall/Perl/Shorewall/Providers.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-16 08:09:20 -07:00
Tom Eastep
0d23b9c542
Don't verify required interfaces during 'stop' or 'clear'.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-14 09:29:04 -07:00
Tom Eastep
a7bdfcc47b
Refine the rule reduction fix
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-11 20:58:01 -07:00
Tom Eastep
988ee64621
Eliminate Redundant Rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-11 10:17:01 -07:00
Tom Eastep
9947f4d968
Re-enable SECTION PREROUTING in the accounting file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-10 12:53:08 -07:00
Tom Eastep
9e039e30e5
Issue warning message when /etc/iproute2/rt_tables is not writeable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-02 08:11:33 -07:00
Tom Eastep
771e487b02
Merge branch '4.6.3'
2014-09-01 09:10:55 -07:00
Tom Eastep
0b66c475a7
Make <command> replacable in the run synopsis
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-01 09:10:03 -07:00
Tom Eastep
8727a6f1d8
Correct 'run' command synopsis in the shorewall[6] manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-01 08:52:09 -07:00
Tom Eastep
f9a62e1650
Correct builtin example in the actions manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-01 08:29:29 -07:00
Tom Eastep
6851744cb7
Implement the 'terminating' action option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-01 08:16:42 -07:00
Tom Eastep
f963adccf5
Correct silly typo in Chains.pm
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-31 16:57:24 -07:00
Tom Eastep
48549b35ac
Correct inaccuracy in default.debian
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-30 08:25:58 -07:00
Tom Eastep
9001643996
Merge branch 'master' into 4.6.3
2014-08-30 07:18:55 -07:00
Tom Eastep
4bacfced82
Another attempt to fix formatting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 11:59:51 -07:00
Tom Eastep
7c1bbd4dc7
Fix formatting in shorewall[6]-rules(5)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 11:29:44 -07:00
Tom Eastep
4347190f82
Clarify REJECT handling in IP[6]TABLE rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 09:10:10 -07:00
Tom Eastep
fa8c3b3b6c
Correct typo in error messages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 08:34:33 -07:00
Tom Eastep
045d5ac048
Correct typo in error messages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 08:34:04 -07:00
Tom Eastep
e4a8cb31ba
Clean up the Goto Meeting macro a bit
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 08:16:11 -07:00
Tom Eastep
9e6fffc231
Goto-Meeting Macro from Eric Teeter
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-23 16:05:38 -07:00
Tom Eastep
3030219740
Tighten the check for DNSAmp
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-21 10:36:44 -07:00
Tom Eastep
602ecad712
Cleaner code in expand_variables()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-20 11:25:49 -07:00
Tom Eastep
6f777098d7
Add 'wildcard' member to the interface table
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-12 06:51:17 -07:00
Tom Eastep
e545329eb9
Modify the preceding fix to work with wildcard interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-12 06:50:59 -07:00
Tom Eastep
aedd9b5a76
Add 'wildcard' member to the interface table
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-11 08:30:44 -07:00
Tom Eastep
427f38109e
Some cosmetic cleanup
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-10 07:20:23 -07:00
Tom Eastep
0e1a1a3f44
Modify the preceding fix to work with wildcard interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-08 10:34:29 -07:00
Tom Eastep
b6161b8be7
Merge branch '4.6.2'
2014-08-08 08:30:04 -07:00
Tom Eastep
d3209ca624
Correct handling of a physical name in the provider INTERFACE column
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-08 08:15:26 -07:00
Tom Eastep
34ecbb9074
Correct Cygwin64 detection in the Shorewall installer
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-07 07:17:34 -07:00
Tom Eastep
beb70854ef
Correct Cygwin64 detection in the Shorewall installer
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-07 06:40:34 -07:00
Tom Eastep
7030fad572
Revert "Install the core components along with Shorewall"
...
This reverts commit c653a04a43
.
2014-08-07 06:36:23 -07:00
Tom Eastep
c653a04a43
Install the core components along with Shorewall
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-06 12:59:12 -07:00
Tom Eastep
5ef5aa8cdb
Allow inline matches in an action file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-05 07:34:24 -07:00
Tom Eastep
0ca12bd86f
Correct syntax error caused by replacing '%%' with '??'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-03 15:29:58 -07:00
Tom Eastep
a2f1c57246
Add DNSAmp action
...
- Allow escaping '@' allowing u32 in action body
- Allow inline matches in actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-03 15:11:25 -07:00
Tom Eastep
fd42fa9f74
Make 'detect_configuration' work in the 'run' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-01 07:34:40 -07:00
Tom Eastep
e49832f4b5
Run the 'init' script in the 'run' command.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-30 10:25:00 -07:00
Tom Eastep
0bf80c15d8
Detect missing <commmand> in the generated scrip
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 11:35:32 -07:00
Tom Eastep
4e9a0b989d
Update 'run' help text
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:46:28 -07:00
Tom Eastep
31e5aeeaea
Refine the 'run' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:30:07 -07:00
Tom Eastep
eb5026d3b7
Merge branch '4.6.2'
2014-07-28 14:47:23 -07:00
Tom Eastep
a799d74901
Correct typo and link in the shorewall-mangle manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-28 08:39:07 -07:00
Tom Eastep
a7b18ca875
Implement 'run' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-28 07:04:56 -07:00
Tom Eastep
ad6c91bcbd
Allow optimize level 8 to work with Perl 5.20.0.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-25 21:03:48 -07:00
Tom Eastep
848078873d
Update tcfilters manpages to mention BASIC_FILTERS=Yes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-22 07:19:10 -07:00
Tom Eastep
461f7b10ba
Detect Arptables JF capability when LOAD_HELPERS_ONLY = No.
...
- Move detection of Header Match to its proper ordinal.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-20 07:19:02 -07:00
Tom Eastep
2c9eda9cee
Add some white space for readability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 18:33:02 -07:00
Tom Eastep
64fc3d2e43
Correct a typo that caused iset couter match to be mis-detected
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 10:27:29 -07:00
Tom Eastep
d0aed87546
Correct IPV6 ipset capabilities checking on 3.14 kernels
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 10:25:46 -07:00
Tom Eastep
56fa6bd78a
Revert "Correct ipset detection on later kernels."
...
This reverts commit b207f64a85
.
2014-07-19 10:22:12 -07:00
Tom Eastep
b207f64a85
Correct ipset detection on later kernels.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 08:55:02 -07:00
Tom Eastep
9f381209d5
Detect HEADER_MATCH when LOAD_MODULES_ONLY=No
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-19 07:20:28 -07:00
Tom Eastep
29e6bc9379
Merge branch '4.6.2' of ssh://server.shorewall.net/home/teastep/shorewall/code into 4.6.2
2014-07-18 15:15:33 -07:00
Tom Eastep
4b3196b959
Add refmiscinfo to the shorewall-tcrules manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-18 13:49:30 -07:00
Tom Eastep
6771dc54ad
Streamline some code from the last commit
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-18 12:58:49 -07:00
Tom Eastep
ba69708092
Merge branch '4.6.2' of ssh://server.shorewall.net/home/teastep/shorewall/code into 4.6.2
2014-07-18 08:45:06 -07:00
Tom Eastep
417bd0138e
Correct two problems with tcrules processing:
...
- SAVE and RESTORE didn't work
- '|' and '&' were ignored
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-18 08:32:22 -07:00
Tom Eastep
a97e2fd3d9
Update manpages regarding 'status -i'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-12 19:37:05 -07:00
Tom Eastep
53dda803e2
More Cygwin64 changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-09 11:28:45 -07:00
Tom Eastep
cc935009ce
Correct install problems under Cygwin
...
- configure.pl doesn't understand CYGWIN return from uname
- shorewall-core install.sh doesn't understand CYGWIN return from uname
- shorewall install.sh generates 'mkdir -p //etc/shorewall' which is
broken under Cygwin
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-09 10:48:03 -07:00
Tom Eastep
a7856e4dd6
Update another copyright
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-06 15:11:16 -07:00
Tom Eastep
4a4cea46c0
Update copyrights in the Sample files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-06 13:44:34 -07:00
Tom Eastep
2ed523101c
Allow specification of the MAC address of a gateway
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-06 09:54:53 -07:00
Tom Eastep
c663a14c4d
Correct TIME column handling in IPv6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-04 08:17:19 -07:00
Tom Eastep
8bfff55ed2
Add a TIME column to the mangle file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-04 08:01:14 -07:00
Tom Eastep
b1a6ec7f03
Merge branch '4.6.1'
2014-07-02 21:41:27 -07:00
Tom Eastep
cad8443e01
Allow SAVE/RESTORE rules in the OUTPUT chain
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-02 12:38:02 -07:00
Tom Eastep
2ad81f1a81
Apply Thibaut Chèze's patch for DSCP names
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-02 12:37:50 -07:00
Tom Eastep
166e1a3df9
Allow SAVE/RESTORE rules in the OUTPUT chain
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-01 06:54:54 -07:00
Tom Eastep
84437ea689
Apply Thibaut Chèze's patch for DSCP names
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-01 06:52:58 -07:00
Tuomo Soini
87b5751a49
macro.IPMI: add missing ports from Asus, Supermicro, and Dell documentation
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-07-01 13:14:01 +03:00
Tuomo Soini
49aada0f9c
macro.ILO: add support for HP Integrated Lights-Out
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-07-01 12:25:26 +03:00
Tom Eastep
7fdc398a5e
Revert "Revert "Revert "Add a TIME column to the mangle file"""
...
This reverts commit 1165b2689c
.
2014-06-27 08:23:04 -07:00
Tom Eastep
1165b2689c
Revert "Revert "Add a TIME column to the mangle file""
...
This reverts commit 9c7fcd09fd
.
2014-06-27 08:14:28 -07:00
Tom Eastep
2701b0a756
Correct number of columns in split_line2() calls.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-25 08:22:09 -07:00
Tom Eastep
9c7fcd09fd
Revert "Add a TIME column to the mangle file"
...
This reverts commit 824b14b714
.
2014-06-25 07:33:42 -07:00
Tom Eastep
80c09c4747
Merge branch '4.6.1'
2014-06-25 07:31:36 -07:00
Tom Eastep
824b14b714
Add a TIME column to the mangle file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-25 07:05:12 -07:00
Tom Eastep
122d58b122
Clear inline matches in perl_action_tcp_helper
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-21 07:58:27 -07:00
Tom Eastep
61bb73fd8c
Correct handling of matches in action_tcp_helper()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-20 14:28:17 -07:00
Tom Eastep
ff8d354c1c
Allow INLINE_MATCHES=Yes and AUTOHELPERS=No to work correctly.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-20 07:01:31 -07:00
Tom Eastep
7b0cf2b665
Add 'show bl' to the usage output
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 15:16:07 -07:00
Tom Eastep
6ad9b95351
Implement 'show bl'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 13:27:25 -07:00
Tom Eastep
ac4bf15606
Implement 'status -i'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 11:07:37 -07:00
Tom Eastep
4e5d24fd9b
Currect masq manpages
...
Describe the SOURCE column as optional
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-16 07:27:05 -07:00
Tom Eastep
2610dd4744
Merge branch 'master' into 4.6.1
2014-06-12 16:39:01 -07:00
Roberto C. Sanchez
b3acb4d30d
Fix typo
2014-06-12 18:58:59 -04:00
Tom Eastep
36e31ed839
Correct typo in error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-08 09:40:50 -07:00
Tom Eastep
b55b6a913c
Insert the server address list into the error message in DNAT/REDIRECT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-08 09:36:18 -07:00
Tom Eastep
9c9ae04c86
Raise an error when a server list is specified in a DNAT or REDIRECT rule
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-08 08:52:41 -07:00
Tom Eastep
c898129ad6
Correct pi-rho's patch to not deal with the loopback interface
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-06 13:12:02 -07:00
Tom Eastep
7adc16ace9
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2014-06-06 12:45:36 -07:00
Tuomo Soini
7b38bc9558
remove optional SSH and WS-MAN from IPMI macro and only document
...
vendors which are tested to work
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-06-06 22:15:37 +03:00
Tom Eastep
2cd5c41ec0
Clean up white space in pi-rho's patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-06 10:44:33 -07:00
Tom Eastep
bea5434de6
Merge branch '4.5.21'
2014-06-06 10:05:02 -07:00
Tom Eastep
8657dd97f7
Apply pi-rho's patch for rpfilter.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-06 10:04:42 -07:00
Tom Eastep
ef038d5eab
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2014-06-04 15:21:05 -07:00
Tuomo Soini
b6ea20e7df
Added macro IPMI for Remote Console Protocl (RMCP)
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-06-02 23:48:30 +03:00
Tom Eastep
6632afaf6a
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2014-06-02 12:21:18 -07:00
Tuomo Soini
0f55863076
Add new macros for AMQP, MongoDB, Redis, and Sieve
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-06-02 21:24:09 +03:00
Tom Eastep
954cddc37a
Enable 1:1 NAT in IPv6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-25 12:50:00 -07:00
Tom Eastep
24721e01b6
Document nat vs. subzone restriction.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-25 10:07:07 -07:00
Tom Eastep
5a22b14947
Enable 1:1 NAT in IPv6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-25 08:57:01 -07:00
Tom Eastep
89c5d5080b
A couple more tweaks to the masq manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-22 11:14:46 -07:00
Tom Eastep
66b3d9aeb5
Correct the heading of the SOURCE masq column
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-22 09:07:00 -07:00
Tom Eastep
966926fac5
RHE7 support -- first cut
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-19 15:15:52 -07:00
Tom Eastep
dcc2fb27c5
Apply Tuomo Soini's whitespace patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-19 14:18:48 -07:00
Tom Eastep
6d3b1d80d4
Make 'update -A' convert the tcrules file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-16 14:46:15 -07:00
Tom Eastep
d5e83a5295
Delete extra blank line from the IPv4 mangle file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-16 12:11:11 -07:00
Tom Eastep
7835feb45e
Apply Simon Mater's cosmetic fix to the 'mangle' files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-16 07:31:44 -07:00
Tom Eastep
c6565f051e
Clean up checking for chain designators with SOURCE $FW.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-16 07:18:35 -07:00
Tom Eastep
c9b6d4a670
Correct CHECKSUM handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-16 07:18:06 -07:00
Tom Eastep
00d3a94bfd
Make all actions FORMAT-2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-09 09:01:29 -07:00
Tom Eastep
d15956feea
Deprecate FORMAT-1 actions and macros
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-08 14:30:33 -07:00
Tom Eastep
f717d097d7
Apply Tuomo Soini's Macro format patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-07 12:19:24 -07:00
Tom Eastep
670c33d20b
Update install files to secure the .service files as 644 rather than 600.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-01 11:43:59 -07:00
Tom Eastep
bcbb48d16e
Update install files to secure the .service files as 644 rather than 600.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-01 11:43:00 -07:00
Tom Eastep
2b43c28e98
Add tabs to mangle files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-20 07:56:43 -07:00
Tom Eastep
ba3a7d0621
Do not deprecate USE_DEFAULT_RT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-19 07:53:18 -07:00
Tom Eastep
15507aa265
Update sample rules files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-19 07:48:42 -07:00
Tom Eastep
4d4e8b3df4
Do nothing when a rules file section is empty.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-18 14:13:34 -07:00
Tom Eastep
240d3d8cab
Improve interface option inheritence
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-18 13:36:06 -07:00
Tom Eastep
acda5482c4
If USE_DEFAULT_RT isn't specified, make it 'No'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-18 13:22:58 -07:00
Tom Eastep
e731ea1ca8
Revert "Always inherit interface options"
...
This reverts commit 65cde3475f
.
2014-04-15 11:54:58 -07:00
Tom Eastep
65cde3475f
Always inherit interface options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-15 11:37:51 -07:00
Tom Eastep
b3cd9ab15a
Default to LOAD_HELPERS_ONLY=Yes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-12 11:05:28 -07:00
Tom Eastep
fdc391cf49
Change all *.conf files to reflect ZONE2ZONE=-
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-11 20:44:15 -07:00
Tom Eastep
58700b2301
Correct the behavior of rpfilter when FASTACCEPT=Yes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-31 07:29:29 -07:00
Tom Eastep
a9ac9c274e
Correct the behavior of rpfilter when FASTACCEPT=Yes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-31 07:28:30 -07:00
Tom Eastep
72869adcd6
Correct missing comment in trace entry.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-28 08:55:55 -07:00
Tom Eastep
0c8365001d
Avoid spurious comments on jumps to section chains.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-28 08:55:48 -07:00
Tom Eastep
6274f8444f
Correct missing comment in trace entry.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-28 08:55:23 -07:00
Tom Eastep
05816e94ee
Avoid spurious comments on jumps to section chains.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-28 08:55:00 -07:00
Tom Eastep
0561b10adb
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2014-03-22 08:58:20 -07:00
Tom Eastep
db1b25b4d7
Restore small mark verification.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-22 08:38:57 -07:00
Tom Eastep
4de651ff55
Add a comment line
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-19 10:38:41 -07:00
Tom Eastep
5981ce59e3
Include -t <table> in debug_restore_input() error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-19 10:25:37 -07:00
Tom Eastep
54a5e4af52
A couple of minor tweaks to the Chains module.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-19 10:24:30 -07:00
Tom Eastep
4bd8d9791c
Include -t <table> in debug_restore_input() error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-18 07:28:14 -07:00
Tom Eastep
eb70234c52
Correct some typos in the .conf manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-12 14:50:15 -07:00
Tom Eastep
39b7527cb6
Include rule priority in delete of generated address route rules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-10 08:25:59 -07:00
Tom Eastep
08d29edf1a
Include rule priority in delete of generated address route rules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-10 08:24:38 -07:00
Tom Eastep
20b10582b4
Moew deprecation of USE_DEFAULT_RT=No
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-10 08:24:12 -07:00
Tom Eastep
093ff580b5
Deprecate USE_DEFAULT_RT=No.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-09 07:48:05 -07:00
Tom Eastep
cea237620a
Change USE_DEFAULT_RT default to 'Yes'.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-09 07:42:22 -07:00
Tom Eastep
c9d7370fb4
Merge branch '4.5.21'
...
Conflicts:
Shorewall/manpages/shorewall.conf.xml
Shorewall6/manpages/shorewall6.conf.xml
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-05 09:00:34 -08:00
Tom Eastep
8b4d8bfa16
Finish ADMINISABSENDMINDED change
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-05 08:57:03 -08:00
Tom Eastep
caa72fb7d2
Correct routestopped files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-02 10:39:12 -08:00
Tom Eastep
4eadec234a
Revert "Correct the behavior of ADMINISABSENTMINDED"
...
This reverts commit ded747a51a
.
2014-03-02 08:25:05 -08:00
Tom Eastep
2b489993ca
Revert "Correct the behavior of ADMINISABSENTMINDED"
...
This reverts commit df09e0ccc5
.
2014-03-02 08:23:23 -08:00
Tom Eastep
ded747a51a
Correct the behavior of ADMINISABSENTMINDED
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-28 10:14:33 -08:00
Tom Eastep
df09e0ccc5
Correct the behavior of ADMINISABSENTMINDED
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-28 10:14:08 -08:00
Tom Eastep
454e53bcfa
Reformat preceding patch and correct syntax errors.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-25 13:21:23 -08:00
Tom Eastep
66fdc9f6a7
Call directive_callback for directives without '?'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-25 12:48:25 -08:00
Tom Eastep
c74235a200
Correct typos
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-17 14:17:49 -08:00
Tom Eastep
1759fc75b0
Correctly handle alternate specification with ';' in 'update -t'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-17 14:10:17 -08:00
Tom Eastep
3e87efc82b
Document -t option
...
- Also copy compiler directives to the mangle file.
2014-02-17 12:50:59 -08:00
Tom Eastep
a011ad8efe
Add raw matches to the converted mangle file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-16 09:59:13 -08:00
Tom Eastep
0e40a42729
Allow SAVE and RESTORE in the postrouting chain
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-16 09:50:43 -08:00
Tom Eastep
69fe94ef08
Document the -t option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-16 09:25:58 -08:00
Tom Eastep
669d15e2cf
Implement the -t update option.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-15 09:36:13 -08:00
Tom Eastep
708d58da21
Revert "Replace SECTION with ?SECTION in the rules file."
...
This reverts commit 34207fef1a
.
2014-02-13 08:23:34 -08:00
Tom Eastep
34207fef1a
Replace SECTION with ?SECTION in the rules file.
2014-02-12 13:25:36 -08:00
Tom Eastep
2dbcd36a9c
Implement BASIC_FILTERS
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-04 16:34:03 -08:00
Tom Eastep
0383ca7de6
Correct semantics of ipset lists in tcfilters
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-04 12:27:46 -08:00
Tom Eastep
7ddc65133e
Support ipset lists in the tcfilters file.
...
- Also document the fact that ipset match options are not available in
the tcfilters file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-04 12:16:35 -08:00
Tom Eastep
1d4a87a0d0
Excape an opening parehthesis.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-04 12:15:35 -08:00
Tom Eastep
3b3608ad65
Correct ICMP handling in basic filters.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-04 07:16:41 -08:00
Tom Eastep
081a387f1d
Fix some bugs in basic filter generation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-03 14:59:27 -08:00
Tom Eastep
fbb03248c4
Correct 'dump' help text
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-02 13:01:42 -08:00
Tom Eastep
033a1a0367
Correct 'dump' help text
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-02 13:00:41 -08:00
Tom Eastep
c08655e0bc
Document ipset use in tcfilters
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-01 09:40:39 -08:00
Tom Eastep
50fb8e3f2f
Use HEX representation for matching IPv6 addresses in basic filters.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-31 12:49:47 -08:00
Tom Eastep
f029f5b483
Correct handling of logging of a non-terminating target
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-29 08:22:31 -08:00
Tom Eastep
86f667afd4
Correct handling of logging of a non-terminating target
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-29 08:19:53 -08:00
Tom Eastep
8a63053c13
Correct defects found in unit testing
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-21 20:19:56 -08:00
Tom Eastep
62557cb98e
Correct defects found during testing of ematch.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-21 12:53:33 -08:00
Tom Eastep
9c4089fc99
Initial basic filter implementation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-20 18:40:40 -08:00
Tom Eastep
44e0d48fc5
Add <refmiscinfo>...</refmiscinfo> to remaining manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-16 08:32:57 -08:00
Tom Eastep
5a649dc205
Add <refmiscinfo>...</refmiscinfo>
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-16 07:44:23 -08:00
Tom Eastep
89fd5ced15
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2014-01-12 14:05:48 -08:00
Roberto C. Sanchez
b1a490b50a
Cleanup links in manpages so that hrefs in generated HTML don't take the user to a different server
2014-01-12 16:40:03 -05:00
Tom Eastep
a35b7821bf
Correct stoppedrules manpages re DROP
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-07 13:30:09 -08:00
Tom Eastep
fd28a12653
Allow DROP in the stoppedrules file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-07 13:19:49 -08:00
Tom Eastep
7e6fc3229d
Correct handling of default chain when a mark range is specified.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-07 13:15:51 -08:00
Tom Eastep
42dd8dfee9
Change license to GPLv2+ and update copyrights
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-04 09:48:27 -08:00
Tom Eastep
5a7e458104
Backout ematch stuff for now
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-03 12:01:56 -08:00
Tom Eastep
7e1a310929
Implement ipset matches in tcfilters
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-03 09:35:34 -08:00
Tom Eastep
78ecf9bdc8
Finish up ipset extensions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-03 09:23:14 -08:00
Tom Eastep
1771bb75cf
Finish ipset match option implementation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-02 14:43:55 -08:00
Tom Eastep
b4847d6a01
New IPSET MATCH extensions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-02 09:36:35 -08:00
Tom Eastep
48ceed9ecb
Make tcpflags the default.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 15:10:38 -08:00
Tom Eastep
1083dd8c26
Allow ?COMMENT in the mangle file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 08:02:17 -08:00
Tom Eastep
5e7cd855c2
Correct typo in Tc.pm
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 07:53:38 -08:00
Tom Eastep
623bdd2ff1
Manpage corrections.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 07:41:28 -08:00
Tom Eastep
b61ee2d75e
Manpage updates for IP[6]TABLES
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 07:18:54 -08:00
Tom Eastep
2c2aaf262c
Add IP[6]TABLES support for the conntrack file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 07:18:36 -08:00
Tom Eastep
6c990a7253
Logically OR builtin definitions from the actions file if the builtin exists
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 07:18:00 -08:00
Tom Eastep
f7bbac6ea8
Make tcrules/mangle similar to notrack/conntrack.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 07:15:56 -08:00
Tom Eastep
4c1b83beef
Tweaks to the Tc.pm module.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-31 11:42:38 -08:00
Tom Eastep
ac6a506e35
Allow logging from the RAW table
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-31 11:04:43 -08:00
Tom Eastep
11e61ec6e5
Add chain information to the builtin_target table.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-31 08:22:58 -08:00
Tom Eastep
5985a6e9b3
Implement IP[6]TABLES in the rules files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-29 13:46:58 -08:00
Tom Eastep
4cc5ee6b73
Document IP[6]TABLES in the manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-29 10:13:38 -08:00
Tom Eastep
66a04e4819
Allow inline matches with IP[6]TABLES
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-29 10:13:00 -08:00
Tom Eastep
1634267faa
Rename JUMP to IP[6]TABLES.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-29 10:12:33 -08:00
Tom Eastep
c8866ef8bf
Correct handling of columns with embedded spaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-29 08:56:14 -08:00
Tom Eastep
8f6f0c94a4
Replace tcrules with mangle in the manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-28 15:35:08 -08:00
Tom Eastep
6fe06c82c8
More switch from tcrules to mangle
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-28 15:24:05 -08:00
Tom Eastep
543446f8d7
Integrate tcrules and mangle processing.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-28 14:24:36 -08:00
Tom Eastep
a1222d10cb
change 'marks' file to 'mangle'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-28 10:03:23 -08:00
Tom Eastep
3dba1f5bee
Tested version of the marks file handler
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-27 12:38:22 -08:00
Tom Eastep
3960aaee4c
Consolidate declarations in process_mark_rule().
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-24 09:49:10 -08:00
Tom Eastep
5419109880
Correct syntax errors in new mars handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-24 09:04:54 -08:00
Tom Eastep
584b0ac50e
Some small tweaks to the marks file processing
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-24 07:25:40 -08:00
Tom Eastep
1d84f27efe
Add shorewall-marks manpage
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-20 14:12:35 -08:00
Tom Eastep
4c840a05a0
Fix issue in the shorewall-tcrules and shorewall6-tcrules manpages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-19 16:24:50 -08:00
Tom Eastep
6323372ebd
Fix issue in the shorewall-tcrules and shorewall6-tcrules manpages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-19 16:23:32 -08:00
Tom Eastep
4c2cedb670
Add get_target_param1() that doesn't accept the <action>/<param> syntax
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-19 09:17:11 -08:00
Tom Eastep
f32a777099
Fix INLINE in tcrles
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-18 09:19:35 -08:00
Tom Eastep
cd5be38cfb
Eliminate silly extra loop in accounting processing.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-18 09:19:16 -08:00
Tom Eastep
2894bb9656
Move INLINE processing into the Chains module.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-16 12:31:35 -08:00
Tom Eastep
fad3b42bd3
Correct line split in the Accounting module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-16 07:40:41 -08:00
Tom Eastep
4e4e7cac1d
Redefine the -i option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-15 11:23:20 -08:00
Tom Eastep
6d72cb3138
Correct update inline
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-15 09:32:09 -08:00
Tom Eastep
cb74b2d706
Document the -i update option in the manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-14 20:54:56 -08:00
Tom Eastep
9abe60bc27
Implement the -i option of upgrade
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-14 17:54:10 -08:00
Tom Eastep
33c5893bdb
Implement INLINE_MATCHES
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-14 13:35:01 -08:00
Tom Eastep
2bc329aa1d
Add INLINE support to the masq file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-13 15:44:16 -08:00
Tom Eastep
f22dfcaa75
Merge branch '4.5.21'
2013-12-08 09:02:44 -08:00
Tom Eastep
d71c2688dc
Clarify the need to quote/escaape settings with parentheses.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-08 09:02:25 -08:00
Tom Eastep
95abeaea24
Finish INLINE in the tcrules file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-01 09:25:32 -08:00
Tom Eastep
75258083e3
Cleanup of column splitting change.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-01 09:24:49 -08:00
Tom Eastep
bf44e514e3
Keep parentheses balanced when splitting a line.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-30 14:13:42 -08:00
Tom Eastep
e5d250750b
Correct handling of ?SECTION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-27 07:53:33 -08:00
Tom Eastep
d63262a0cb
change ZONE2ZONE default to '-'.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-24 08:16:28 -08:00
Tom Eastep
3870157898
Issue warning on bare SECTION headings.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-24 07:58:02 -08:00
Tom Eastep
80d54ec40b
Implement ?SECTION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-18 06:57:54 -08:00
Tom Eastep
855cb6e7f4
Correct handling of HFSC classes with DMAX but no UMAX
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-16 08:07:23 -08:00
Tom Eastep
ea21d61f39
Correct Broadcast Actions
...
- Delete --dst-type BROADCAST from IPv6
- Suppress superfluous multicast rule
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-12 08:41:58 -08:00
Tom Eastep
3b5c1ad601
Remove anachronistic text from the tcinterfaces manpages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-10 08:19:16 -08:00
Tom Eastep
e14d92c5ac
Add DROP support in tcrules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-04 10:50:11 -08:00
Tom Eastep
5f37b5bde6
Correct install scripts
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-25 06:53:51 -07:00
Tom Eastep
b00e20d4d0
Merge branch '4.5.21' of ssh://server.shorewall.net/home/teastep/shorewall/code into 4.5.21
2013-10-24 08:04:07 -07:00
Tom Eastep
6eb2c0cb5f
Add link to the logging page from the policy manpages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-24 08:01:18 -07:00
Tom Eastep
ca3385d1be
Remove superfluous '[' from character set.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-21 09:28:21 -07:00
Tom Eastep
5823411091
Correct typo in a regular expression.
...
- Re-enable |<mark> in the tctrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-21 07:04:23 -07:00
Tom Eastep
66c2fca2b0
Eradicate the use of 'fgrep'
...
- Busybox on Leaf Bering does not have fgrep
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-14 07:15:08 -07:00
Tom Eastep
b27e3d2fff
Merge branch '4.5.21'
2013-10-08 13:17:41 -07:00
Tom Eastep
5e67808abd
Don't add host route in default table.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 11:27:41 -07:00
Tom Eastep
1659d8ce9f
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2013-10-08 09:52:51 -07:00
Tom Eastep
fa500b9ea2
Correct H323 and netbios-ns handling.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 09:24:52 -07:00
Tom Eastep
b6d7e9ea96
Work around emacs bug
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 09:24:40 -07:00
Tom Eastep
0e61c2f210
Correct H323 and netbios-ns handling.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 09:20:46 -07:00
Tom Eastep
3c9d984835
Correct typo
...
- list_split s/b split_list
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 09:19:07 -07:00
Tom Eastep
4917500f12
Work around emacs bug
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 07:13:01 -07:00
Tom Eastep
50b7a81b13
Correct typo
...
- list_split s/b split_list
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 06:56:16 -07:00
Tom Eastep
8c4bbf0c85
Implement REAP_OPTION capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-07 07:54:52 -07:00
Roberto C. Sanchez
12563c55a8
Add '. /lib/lsb/init-functions' to the Debian-specific init scripts, as recommended by lintian
2013-10-05 16:31:45 -04:00
Tom Eastep
5b515f007b
Fix 'monthdays' in the TIME column.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-30 15:43:17 -07:00
Tom Eastep
24218934f8
Clean up uninstall scripts
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-30 15:42:58 -07:00
Tom Eastep
308aaad8d4
Use insserv on Debian
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-29 09:28:22 -07:00
Tom Eastep
d9c3345a2d
Correct temporal port range in mDNS macros.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-29 08:05:52 -07:00
Tom Eastep
d7cbd1da21
Allow actions to manipulate the current comment from Perl.
...
- Added set_comment()
- moved push/pop_comment() to the :DEFAULT export
2013-09-23 12:21:44 -07:00
Tom Eastep
a389aa01a8
Fix for litedir
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-18 21:05:35 -07:00
Tom Eastep
a5c608e996
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2013-09-18 17:59:49 -07:00
Tom Eastep
e570d91ab1
Document 'hostroute' and 'nohostroute'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-18 17:58:28 -07:00
Tom Eastep
eb75d0eef4
Add 'nohostroute' option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-18 16:49:54 -07:00
Tom Eastep
4524281163
Apply Thomas D's Gentoo support patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 08:22:52 -07:00
Tom Eastep
14bd1a9061
Don't require SYSCONFFILE for all products
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-10 08:24:27 -07:00
Tom Eastep
159d677acb
Update manpages to indicate that 'inline' is assumed for REJECT_ACTION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-10 08:08:06 -07:00
Tom Eastep
5dbcdd65e2
Force 'inline' for REJECT_ACTION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-10 07:37:53 -07:00
Tom Eastep
50411e638c
Report the name of the SysV init file installed.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-09 08:11:45 -07:00
Tom Eastep
dc5c0dc069
Validate default log levels
...
- Name the .conf option involved in error messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-06 16:00:15 -07:00
Tom Eastep
87ae801c15
Use the -w ip[6]tables option when available.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-04 10:16:36 -07:00
Tom Eastep
ae63a0ab77
Correct description of how REJECT is handled:
...
- Add UDP
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-02 17:07:58 -07:00
Tom Eastep
dcff4fad37
Add sample action to shorewall.conf manpage.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-01 12:20:44 -07:00
Tom Eastep
67603c5eb3
Implement REJECT_ACTION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-01 09:14:10 -07:00
Tom Eastep
1540e50cce
Remove blank line
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-31 10:07:41 -07:00
Tom Eastep
39e348997f
Add SERVICEFILE variable to shoreallrc.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-18 14:27:26 -07:00
Tom Eastep
156ed38b23
Correct installation of $SYSCONFFILE
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-18 08:30:11 -07:00
Tom Eastep
a298817201
Improve INITSOURCE handling in the installers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-15 06:51:27 -07:00
Tom Eastep
0a2f6c18cc
Correct typo in prog.footer
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-13 07:03:20 -07:00
Tom Eastep
32763e998b
Make -v work with the status command
...
- Also document exit status
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-13 06:52:46 -07:00
Tom Eastep
fc5c92cabc
Use /etc/os-release to determine build host
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-08 17:44:40 -07:00
Tom Eastep
a10aea280b
Add some abbreviations for common commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-06 07:05:47 -07:00
Tom Eastep
ceffc000eb
Correct Typo
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-05 08:32:17 -07:00
Tom Eastep
6615c1f736
Clarify usage of Interface Option Chains
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-04 09:01:09 -07:00
Tom Eastep
83d1aa6682
Allow OPTIMIZE=All
...
- Remove use of literal 4096 from OPTIMIZATION checks.
- Moved constant declarations to the Config module.
- Documented that level 1 is ignored when level 4 is specified.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-29 10:08:35 -07:00
Tom Eastep
e0a222938a
Merge branch '4.5.19'
2013-07-27 08:14:35 -07:00
Tom Eastep
bf15b859bc
Clarify the relationship between ROUTE_FILTER and routefilter.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-27 08:09:23 -07:00
Tom Eastep
36a4ef1676
Correct typo in action.IfEvent
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-25 06:10:11 -07:00
Tom Eastep
aabb22a50f
Add the TRACK_RULES option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-24 07:22:51 -07:00
Tom Eastep
765b748283
Documentation updates
...
- Add meaningful IDs to some sections in Events.xml
- Correct typos in the accounting manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-22 07:54:45 -07:00
Tom Eastep
7aa33c140d
Add an AutoBL action with helper AutoBLL
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-17 10:19:18 -07:00
Tom Eastep
8c27b027fc
Break <command> into <command>[<optionlist>]
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-14 08:44:01 -07:00
Tom Eastep
891e3e0e1d
Use the --reap option in sticky recent rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 14:46:39 -07:00
Tom Eastep
d6d0cad2f9
Add 'show event[s]' to manpages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 10:37:27 -07:00
Tom Eastep
5c7500e13e
Display the current time as an integer in 'show event[s]' output
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:46:08 -07:00
Tom Eastep
09240da55a
Change the external name of MARK_ANYWHERE to 'Mark in the filter table'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:45:20 -07:00
Tom Eastep
2df4aae583
Reword an error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 07:22:28 -07:00
Tom Eastep
89f16bdb37
Include a current time event in /proc/net/xt_recent/
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 07:14:22 -07:00
Tom Eastep
8e30831385
Resolve merge conflicts
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-11 14:20:38 -07:00
Tom Eastep
d2725fcd87
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2013-07-11 14:16:19 -07:00
Tom Eastep
9535a7d7df
Rename 'Trigger' to 'Event' and document
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-11 10:39:21 -07:00
Tom Eastep
3c6df56b57
Implement Triggers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-10 13:27:58 -07:00
Tom Eastep
411ca87ec3
Allow logging rules with more than 15 ports
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-08 15:59:54 -07:00
Tom Eastep
948a7fccc2
Enhance a comment
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-07 12:52:04 -07:00
Tom Eastep
73060a3761
Correct typo in dropBcast()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-06 07:58:21 -07:00
Tom Eastep
cd83d7727c
Restore handle_original_dest().
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-04 14:51:06 -07:00
Tom Eastep
5121634457
Add ihandle_original_dest()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-04 14:37:24 -07:00
Tom Eastep
131c1f432b
Add iverify_source_interface()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-04 14:07:09 -07:00
Tom Eastep
03885f71d3
Create add_expanded_ijump() that breaks long lines
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 15:13:48 -07:00
Tom Eastep
b735b93378
Re-factor irule generation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 10:59:09 -07:00
Tom Eastep
b639a18eb9
Simplify fix for -q
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 08:16:27 -07:00
Tom Eastep
5ce5d5e607
Delete superfluous blank line
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 15:03:50 -07:00
Tom Eastep
3e1ed30f4e
Make initial progress message obey VERBOSITY
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 14:23:27 -07:00
Tom Eastep
00c5985458
Rename clone_rule() to clone_irule()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 12:38:16 -07:00
Tom Eastep
1a44b66656
Cleaner handling of trailing spaces from log_irule_limit.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 12:32:35 -07:00
Tom Eastep
b215cf379a
Generate a warning when Limit is invoked.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 12:31:29 -07:00
Tom Eastep
3ec6745df9
Use log_irule_limit() internally where possible.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 11:48:02 -07:00
Tom Eastep
55be5b0119
Add log_irule_limit() and log_irule() functions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 11:47:19 -07:00