extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-15 20:24:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,525 Commits 104 Branches 736 Tags 55 MiB
3ca3d64efe
Commit Graph

756 Commits

Author SHA1 Message Date
Tom Eastep
c9c957c5b8 HKP Macro 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-28 07:37:16 -08:00
Tom Eastep
3c4b41fbe0 Implement -s option in the major installers 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-27 11:48:39 -08:00
Tom Eastep
7fe7ebc891 Fix Handling of NFQUEUE(queue-num) in policies 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-25 08:44:28 -08:00
Tom Eastep
5696742ef3 Update release Document with 4.4.7.5 changes and Debian Init Script Fix 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-20 08:34:47 -08:00
Tom Eastep
ea8a6c837f Document per-IP rate change 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-17 15:41:12 -08:00
Tom Eastep
115ce7b87d Update release documents for bug fixes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-17 06:49:13 -08:00
Tom Eastep
ec95e5b32c Document fix for rate limiting of NAT rules 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-13 09:11:14 -08:00
Tom Eastep
5a96771e07 Start 4.4.8 Beta 1 2010-02-11 15:46:57 -08:00
Tom Eastep
21d4c8ba21 Document workaround for lack of 'flow' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-08 10:03:10 -08:00
Tom Eastep
f4e175f149 Fix IPv6 'nosmurfs'. Make 'nosmurfs' logging more efficient. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-03 15:03:15 -08:00
Tom Eastep
9d288241da Fix issues in generate_matrix(). 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-02 19:42:54 -08:00
Tom Eastep
ede17e2da0 Set ADD_IP_ALIASES=No in all shorewall.conf files. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-02-02 08:16:41 -08:00
Tom Eastep
dd60f04a9f Work around lack of MARK Target support 2010-02-01 16:22:57 -08:00
Tom Eastep
9408a114c6 Don't load unused modules when LOAD_HELPERS_ONLY=Yes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-25 10:50:49 -08:00
Tom Eastep
8def4d03c3 Document LOAD_HELPERS_ONLY=Yes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-21 20:17:25 -08:00
Tom Eastep
10fe25050f Add TC_PRIOMAP fix to change log 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-21 10:39:40 -08:00
Tom Eastep
146a738e4c Document TPROXY 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-17 08:20:15 -08:00
Tom Eastep
fddb85189e Update release documents for functionality backported from 4.5. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-16 11:32:50 -08:00
Tom Eastep
d5cc302ad9 Start 4.4.7 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-16 08:11:13 -08:00
Tom Eastep
55e41483de Update Release Documents 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-12 20:12:31 -08:00
Tom Eastep
4420eed8d7 Allow users to preview the generated ruleset. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-12 15:32:50 -08:00
Tom Eastep
818dfb6295 Document 'show macro' in the release docs. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-12 13:46:14 -08:00
Tom Eastep
4464094773 Update release documents for DHCPfwd 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-12 07:51:20 -08:00
Tom Eastep
fc8bfdcbf9 Update release documents 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-11 14:49:45 -08:00
Tom Eastep
54b21365c2 Update release documents for [...] change 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-08 13:58:15 -08:00
Tom Eastep
e3c75dcfcc Document the restoration of SAVE_IPSETS=Yes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-04 11:54:59 -08:00
Tom Eastep
b491eae3c0 Document Lenny/xtables-addons hack 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2010-01-04 10:20:40 -08:00
Tom Eastep
15a1b39822 Update change log 2009-12-19 16:40:13 -08:00
Tom Eastep
9cf75a4253 Revert "this is crap" 
This reverts commit 7be7ef6685.
 2009-12-19 16:05:28 -08:00
Tom Eastep
7be7ef6685 this is crap 2009-12-19 16:05:13 -08:00
Tom Eastep
508e1123bb Revert change that allowed out of order policies 2009-12-19 07:24:17 -08:00
Tom Eastep
43c45a064c Add current and limit to conntrack table display 2009-12-12 09:10:24 -08:00
Tom Eastep
9988cfb619 Remove silly logic in expand_rule() 2009-12-10 08:00:18 -08:00
Tom Eastep
a150ed1a72 Update change log 2009-12-08 13:30:55 -08:00
Tom Eastep
79ce532b69 Document fix for 'reload -c' 2009-12-08 08:30:37 -08:00
Tom Eastep
4076a6bca7 Fix ENHANCED_REJECT and MODULE_SUFFIX 2009-12-07 13:55:49 -08:00
Tom Eastep
c8616d4c67 Fix Shorewall6 capability detection 2009-12-05 21:35:05 -08:00
Tom Eastep
ee2195e745 Allow LOGFILE=/dev/null 2009-12-03 16:30:06 -08:00
Tom Eastep
a188fec942 Auto-load cls_flow and search .../sched for modules 2009-12-03 12:20:58 -08:00
Tom Eastep
4c7731fee6 Remove change log error for rejected change 2009-12-03 10:44:36 -08:00
Tom Eastep
e5106f10bc Revert 8ff4d004c0 2009-11-28 07:23:23 -08:00
Tom Eastep
4e8d753682 Revert "Finish Virtual Zones" 
This reverts commit 222c8cf88f.
 2009-11-28 07:20:52 -08:00
Tom Eastep
222c8cf88f Finish Virtual Zones 2009-11-26 12:14:58 -08:00
Tom Eastep
8ff4d004c0 Better virtual zone implementation 2009-11-25 18:14:14 -08:00
Tom Eastep
8263ea1312 Limit providers to 15 2009-11-25 12:18:08 -08:00
Tom Eastep
d189c08533 Revert "Add 'virtual' zone support" 
This reverts commit a2cd4bd1f4.
 2009-11-25 11:51:13 -08:00
Tom Eastep
a2cd4bd1f4 Add 'virtual' zone support 2009-11-25 09:42:28 -08:00
Tom Eastep
d3d21d4d18 Fix 'show policies' in Shorewall6[-lite] 2009-11-23 13:50:41 -08:00
Tom Eastep
cc809eaf78 Complete merge of 4.4 branch into master 2009-11-23 11:15:33 -08:00
Tom Eastep
c17ac8f23f commit crap for now 2009-11-23 11:13:57 -08:00
Tom Eastep
532105ec39 Allow specific policy to supersede a wildcard policy 2009-11-23 10:02:04 -08:00
Tom Eastep
b30cae89e3 Allow <zone>::<serverport> in the rules file DEST column 2009-11-23 09:56:15 -08:00
Tom Eastep
99a35c1bf0 Allow <zone>::<serverport> in the rules file DEST column 2009-11-23 09:33:16 -08:00
Tom Eastep
90170d6018 Update changelog 2009-11-22 08:58:06 -08:00
Tom Eastep
720442b400 Fix merge screwup 2009-11-22 08:43:32 -08:00
Tom Eastep
bd9c0ac285 Generate error on port == 0 2009-11-22 08:39:03 -08:00
Tom Eastep
c8209f4ce2 Apply bridge fix to 4.4 2009-11-22 08:18:23 -08:00
Tom Eastep
c7de19cf39 Allow specific policy to supersede an expanded one 2009-11-21 13:56:40 -08:00
Tom Eastep
cbe944c354 Open the 4.5.0 Thread 2009-11-21 11:41:10 -08:00
Tom Eastep
ecf6a0ec4a Open 4.4.5 2009-11-21 11:08:50 -08:00
Tom Eastep
bce4d51a18 Allow wide MARK values in tcclasses when WIDE_TC_MARKS=Yes 2009-11-21 07:54:42 -08:00
Tom Eastep
c5bb493b29 Fix class number assignment when WIDE_TC_MARKS=Yes 2009-11-20 12:25:15 -08:00
Tom Eastep
9d5dd2ad3a Implement an '-l' option to the 'show' command 2009-11-16 15:14:24 -08:00
Tom Eastep
2a910ebddf Suppress redundant tests for provider availability in route rules processing 2009-11-16 12:43:44 -08:00
Tom Eastep
31f01fe765 Document fixing route rule addition code 2009-11-16 11:20:02 -08:00
Tom Eastep
f5a019becc Implement 'show policies' command 2009-11-15 09:24:56 -08:00
Tom Eastep
893a847c87 Suppress extra COMMENT warnings 2009-11-10 17:17:55 -08:00
Tom Eastep
bf8c38e054 Add ZONE2ZONE option to shorewall.conf 2009-11-10 14:12:55 -08:00
Tom Eastep
89bdcf9a3d Implement 'physical' option 2009-11-06 07:27:44 -08:00
Tom Eastep
28b660c853 Avoid reporting bogus duplicate interface with two bridges and wildcard ports 2009-11-05 11:04:14 -08:00
Tom Eastep
4548db58da Relax port list limitation in /etc/shorewall/routestopped 2009-11-03 11:36:32 -08:00
Tom Eastep
4f5c602d5f Fix .spec error and document logrotate files 2009-11-03 10:12:38 -08:00
Tom Eastep
11ddfa92e9 Eliminate Perl run-time errors out of move_rules() 2009-11-01 17:14:42 -08:00
Tom Eastep
23d0806da2 Change Shorewall6 default STARTUP_LOG and LOG_VERBOSITY 2009-11-01 11:09:17 -08:00
Tom Eastep
f0b4b1f42e Add limit option to tcclasses 2009-10-26 12:23:32 -07:00
Tom Eastep
b3571261dd Fix optional providers 2009-10-24 12:05:44 -07:00
Tom Eastep
3e2cf982a3 Correct messages issued when a provider is not added 2009-10-24 08:50:15 -07:00
Tom Eastep
86df82a29a Fix IPv6 address validation error 2009-10-23 13:41:51 -07:00
Tom Eastep
d0cda6b6ea Add TRACK_PROVIDERS option 2009-10-20 13:24:17 -07:00
Tom Eastep
49f361124e Make 'track' the default 2009-10-20 12:24:28 -07:00
Tom Eastep
abc9ab061a Remove superfluous variables from generated script 2009-10-19 07:25:03 -07:00
Tom Eastep
f3043f1453 Document nested zone fix 2009-10-17 11:06:36 -07:00
Tom Eastep
b38841798e Fix initialization 2009-10-15 13:43:46 -07:00
Tom Eastep
990a9f0fdc Fix RETAIN_ALIASES 2009-10-13 14:36:47 -07:00
Tom Eastep
83a9d8dd1b Rename 'object' to 'script' 2009-10-05 15:43:29 -07:00
Tom Eastep
ab4e7cffcf Document fix to routestopped 2009-10-03 10:53:53 -07:00
Tom Eastep
beac09e45f STARTUP_LOG changes 2009-10-02 16:10:14 -07:00
Tom Eastep
964cba79a9 Initialize 4.4.3 2009-10-02 11:31:08 -07:00
Tom Eastep
393673a884 Allow MARK in action body -- take 2 2009-09-25 16:15:56 -04:00
Tom Eastep
428c3d1e4e Hack to make new LIMIT stuff work on ancient iptables releases 2009-09-20 09:12:35 -04:00
Tom Eastep
120aade417 Allow Extension Scripts for Accounting Chains 2009-09-15 12:22:51 -07:00
Tom Eastep
a5f3a05341 Fix typo in the Introduction 2009-09-14 13:43:32 -07:00
Tom Eastep
8fdebf0c38 Add new columns to macros 2009-09-13 08:09:40 -07:00
Tom Eastep
07d8872823 Indicate that Squeeze 'will' include 4.4 2009-09-12 09:20:38 -07:00
Tom Eastep
9b0a9e8ecd Add -<family> to 'ip route del default' command 2009-09-12 08:48:52 -07:00
Tom Eastep
8c2a228a7d Apply Jesse Shrieve's SNAT patch 2009-09-11 07:47:31 -07:00
Tom Eastep
7c1dd35a00 Update release documents 2009-09-09 12:18:31 -07:00
Tom Eastep
bb83db3eb9 Don't call compile_stop_firewall() during 'check'; call process_routestopped() instead - change log 2009-09-08 12:55:14 -07:00
Tom Eastep
b03d502bbb Allow comments on continued lines 2009-09-06 16:17:22 -07:00
Tom Eastep
70ebe17cb3 Reimplement MAPOLDACTIONS=Yes 2009-09-06 13:37:24 -07:00
Tom Eastep
ec94ed638e Better modularization of Chains and Actions 2009-09-05 08:43:14 -07:00
Tom Eastep
03821dc22c Process routestopped file during 'check' 2009-09-03 19:27:25 -07:00
Tom Eastep
f3455b107d 4.4.2 release doc initialization and update 2009-09-03 14:58:46 -07:00
Tom Eastep
62b1dbcd7f Document portlist-splitting change 2009-09-02 15:30:26 -07:00
Tom Eastep
fbfa4b4e49 Update release documents and make minor change to faq 2009-08-31 14:19:15 -07:00
Tom Eastep
2bb92a79f3 Fix silly hole in zones file parsing 2009-08-30 08:05:10 -07:00
Tom Eastep
d31721a066 Fix rule generated by MULTICAST=Yes -- release documents 2009-08-29 09:34:16 -07:00
Tom Eastep
1ef00c547b Disallow 'nets=' in a multi-zone interface definition 2009-08-29 07:41:27 -07:00
Tom Eastep
4809314fc1 Allow extending a zone defined with nets= 2009-08-29 07:20:16 -07:00
Tom Eastep
acfdc7e481 nets= allows multicast 2009-08-28 15:17:10 -07:00
Tom Eastep
5db7e77462 Turn off IP forwarding in the standalone example -- update release docs 2009-08-28 08:31:48 -07:00
Tom Eastep
383f3e8bcf Fix nested IPSEC zones 2009-08-26 12:44:10 -07:00
Tom Eastep
1b26c65cbc Fix logging in rules at the end of INPUT and OUTPUT 2009-08-25 09:22:26 -07:00
Tom Eastep
088e164f18 Redefine 'full' when used in a sub-class definition 2009-08-24 11:56:16 -07:00
Tom Eastep
e24dbb9aea Add 'clean' target to Makefiles 2009-08-23 10:43:01 -07:00
Tom Eastep
622db3655f More updates/corrections to change notes 2009-08-18 08:50:50 -07:00
Tom Eastep
4bc1fb145a Update change notes 2009-08-18 08:44:55 -07:00
Tom Eastep
0557148bec Avoid double globals initialization for IPv6 2009-08-16 09:24:51 -07:00
Tom Eastep
55f75604b3 Add support for 'persistent' 2009-08-15 08:15:38 -07:00
Tom Eastep
883f415e53 Start 4.4.1 2009-08-14 14:46:31 -07:00
Tom Eastep
2bac824207 Fix provider number in masq entry 2009-08-12 13:52:56 -07:00
Tom Eastep
55c879e4e6 Fix log record displays 2009-08-07 13:33:07 -07:00
Tom Eastep
70f46c02cc Fix logging NAT rules 2009-08-05 12:48:14 -07:00
Tom Eastep
999a00dc77 Remove need for '-v-1' when compiling to stdout 2009-08-03 11:20:34 -07:00
Tom Eastep
4af6c7650e Correct handling of nested IPSEC zone 2009-07-29 14:35:27 -07:00
Tom Eastep
8d8920e7ad Disallow ipsec zones nested within an ip zone 2009-07-29 07:49:06 -07:00
Tom Eastep
f2f8cab962 Make 'any' a reserved zone name 2009-07-26 12:29:37 -07:00
Tom Eastep
26cb2b1eeb Allow Shorewall6 to recognize TC, IP and IPSET 2009-07-26 12:26:49 -07:00
Tom Eastep
c77f462d2d Delete prog.functions and prog.functions6 2009-07-24 14:51:24 -07:00
Tom Eastep
4fd338f3ca Fix 'rpm -U' from earlier versions 2009-07-21 12:32:25 -07:00
Tom Eastep
f16b2300b6 Remove references to Shorewall-shell, Shorewall-perl and prior Shorewall versions from the manpages 2009-07-15 17:50:55 -07:00
Tom Eastep
8e9bef0a61 Fix routing with no providers 2009-07-15 13:03:49 -07:00
Tom Eastep
887a643f9e Initiate RC1 2009-07-12 10:06:57 -07:00
Tom Eastep
f88048ebe4 More revert conflicts 2009-07-06 18:23:23 -07:00
Tom Eastep
bc85b615ba More new macros 2009-06-29 21:05:23 -07:00
Tom Eastep
050375b211 Delete DISABLE_IPV6 option 2009-06-29 18:33:13 -07:00
Tom Eastep
9dbafc59d0 Fix 'findgw' 2009-06-29 08:14:53 -07:00
Tom Eastep
40bb8283d2 Verify the availability of the LOG target 2009-06-25 13:50:27 -07:00
Tom Eastep
f4338b52fe Fix 'show dynamic' 2009-06-24 15:28:43 -07:00
Tom Eastep
6eb202666c Fix for mis-configured interfaces 2009-06-24 08:58:37 -07:00
Tom Eastep
bd55a545b5 Rename lib.user to lib.private 2009-06-20 09:35:08 -07:00
Tom Eastep
01d046fac9 Add lib.user extension script 2009-06-19 14:39:45 -07:00
Tom Eastep
117116eb4e Add USER/GROUP column to /etc/shorewall/masq 2009-06-19 08:00:26 -07:00
Tom Eastep
dcb4ca61a5 Add iptrace/noiptrace commands 2009-06-17 12:03:05 -07:00
Tom Eastep
abe07c9fae Add 'upnpclient' interface option 2009-06-15 13:34:35 -07:00
Tom Eastep
4f675e2e18 Update release documents 2009-06-15 06:49:57 -07:00
Tom Eastep
a6d2497653 Integerize r2q before using it in a 'qdisc add' command 2009-06-14 14:29:12 -07:00
Tom Eastep
265e4fa546 First cut at 4.4 2009-06-12 15:51:43 -07:00
Tom Eastep
ee0667c9da Fix mnemonic handling in tcfilters 2009-06-12 07:27:08 -07:00
Tom Eastep
d079e69a1b Correct Typo in 2-interface IPv6 Sample shorewall6.conf 2009-06-09 07:59:23 -07:00