Tom Eastep
0bf2753472
Re-implement conditional inclusion
...
- Correct defects
- Add ?ELSIF support
- Allow Perl-compatible expressions in ?IF
2012-06-27 15:15:44 -07:00
Tom Eastep
640d34cecd
Remove old advice from the Aliased Interface Article
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-20 16:39:12 -07:00
Tom Eastep
d1627efe5a
Add a complex QOS Example
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-17 09:57:31 -07:00
Tom Eastep
6c47349689
Support 'red' queuing discipline
...
- Also added 'ls' support for HFSC
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-13 14:29:13 -07:00
Tom Eastep
f92a9fa0d6
Update traffic shaping doc with linklayer options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-12 09:40:33 -07:00
Tom Eastep
4a51241c40
Merge branch '4.5.5'
2012-06-12 08:12:26 -07:00
Tom Eastep
b2c96970ee
Add cls_basic to recommended TC modules in FAQ 67
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-12 08:11:17 -07:00
Tom Eastep
2e05b81443
Apply patch from Ronan Amicel
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-11 11:26:49 -07:00
Tom Eastep
5f051fc61b
Unify document indexes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-10 15:31:31 -07:00
Tom Eastep
61d4363865
Update Netfilter overview with Raw and Rawpost tables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-10 15:30:39 -07:00
Tom Eastep
705744fd8c
Convert Frequently-used Articles section into a table
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-10 07:36:32 -07:00
Tom Eastep
724f3cbd76
Unify documentation indexes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-10 07:22:14 -07:00
Tom Eastep
f86476a43c
Remove SYSCONFDIR aliasing from Install.xml
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-09 07:18:53 -07:00
Tom Eastep
1ed6769b14
Fix broken URL in logging doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-09 07:18:17 -07:00
Tom Eastep
5c7a4b579c
Clarify CONFIG_PATH setting using -lite products
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-05 17:23:13 -07:00
Tom Eastep
ee467a4877
Allow embedded shell/Perl directives to have leading '?'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-05 07:32:43 -07:00
Tom Eastep
fc97f6d00e
Implement LOG target option control.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-24 13:54:59 -07:00
Tom Eastep
ab2376d61d
Document 15-cc limit.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-21 07:03:53 -07:00
Tom Eastep
73e5bb0374
Expand the GEOIP documentation to describe GEOIPDIR option.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-20 09:40:00 -07:00
Tom Eastep
d8ec051114
Load the geoip cc's dynamically.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-20 08:59:59 -07:00
Tom Eastep
f0a3e1652a
Bracket non-trivial cc lists with [...]
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-19 09:39:49 -07:00
Tom Eastep
cb72948739
Add Geoip match to config basics doc. Clarify variable search algorithm.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 07:27:33 -07:00
Tom Eastep
55c88e8e81
Replace curly brace enclosure with a preceding caret to avoid ambiguity.
...
- {...} is used to enclose a set of column/value pairs and it is certain
that the two will become confused.
2012-05-17 15:26:16 -07:00
Tom Eastep
d1519345c4
Add TOC Link to ISO-3661.html; Correct typo in ISO-3661 page.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 12:26:02 -07:00
Tom Eastep
d220d3d9d5
Abandon action.GeoIP in favor of extended syntax in the SOURCE and DEST columns.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 10:44:02 -07:00
Tom Eastep
cc07e74532
Correct typo in TPROXY documentation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-16 15:56:19 -07:00
Tom Eastep
3d541f50c8
Use "(S)" consistently in column headings.
...
- add synonyms so both the singular and plural forms are accepted.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 12:42:04 -07:00
Tom Eastep
bad8b9bddb
Improve TPROXY documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 11:39:15 -07:00
Tom Eastep
69d735ea0a
Make TPROXY actually work!
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 11:19:23 -07:00
Tom Eastep
582d025f58
Add DIVERT action to tcrules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 09:41:58 -07:00
Tom Eastep
089d980dae
Document the --shorewallrc parameter to compiler.pl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 07:59:22 -07:00
Tom Eastep
2cbf1e86ad
Allow synonyms for column names in alternate specification formats
...
- gateway and gateways in the tunnels file
- mark and action in the tcrules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:59:47 -07:00
Tom Eastep
7453b70666
Add emphasis to the 'required' option in the config basics doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 07:14:56 -07:00
Tom Eastep
53d66833b2
Document how to avoid dhcp client setting default route
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 08:28:06 -07:00
Tom Eastep
2dd82a9898
Update Multi-ISP documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-01 10:28:12 -07:00
Tom Eastep
3a362a7004
Update FAQ 17
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-25 09:44:24 -07:00
Tom Eastep
25125c47e4
Document configure.pl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-10 11:57:08 -07:00
Tom Eastep
55cd81747d
Add emphasis in some examples; correct a typo.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-07 07:38:38 -07:00
Tom Eastep
97cc4930cf
Deimplement option leading ? in embedded directives
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-06 16:26:05 -07:00
Tom Eastep
f85321e201
Clean up conditional include documentation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-06 11:50:22 -07:00
Tom Eastep
85fce606dc
Give all config files access to shorewallrc variables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-01 13:19:38 -07:00
Tom Eastep
c26f6d45dd
Document install changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-31 20:02:03 -07:00
Tom Eastep
0063de1564
Add capabilities to conditionals
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 11:57:33 -07:00
Tom Eastep
72e6330ff4
Revert "Add capabilities to ?IF conditionals"
...
This reverts commit 0d71c590e4
.
2012-03-19 07:20:31 -07:00
Tom Eastep
c51e387e79
Document MANDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 12:09:22 -07:00
Tom Eastep
0fac1d182f
Add an Id to the default location section of the Install doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 11:20:24 -07:00
Tom Eastep
0d71c590e4
Add capabilities to ?IF conditionals
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 08:48:26 -07:00
Tom Eastep
81714ee81f
Document '!' in ?IF
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 16:58:25 -07:00
Tom Eastep
b7465262ca
Rename MARK/CLASSIFY column to ACTION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 10:09:13 -07:00
Tom Eastep
ab13fbe95e
Allow conditional compilation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 08:16:12 -07:00
Tom Eastep
a3219f71c9
Add a restriction to the SHELL and PERL directives.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 12:27:04 -07:00
Tom Eastep
fd5b7b20cf
Remove trailing white-space
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-08 13:05:56 -08:00
Tom Eastep
05f025e422
Don't install isusable script by default
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-07 07:46:53 -08:00
Tom Eastep
1d249567ed
Add unsubscribe instructions to the FAQ.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-05 13:32:12 -08:00
Tom Eastep
9493bda0cc
Mention Shorewall-core in the 4.5.0 upgrade issues.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-01 07:28:16 -08:00
Tom Eastep
bd9a3e5a3e
Update the release model web page
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-25 08:24:48 -08:00
Tom Eastep
47453a20f7
Tweak to Run-time gateway variables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-24 09:02:04 -08:00
Tom Eastep
7273f4d8d4
Implement run-time gateway variables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-23 13:36:00 -08:00
Tom Eastep
09ad6bba1a
Fix Shorewall-core installer
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-22 15:59:28 -08:00
Tom Eastep
c751a0ada3
Documentation updates suggested by Jeffrey Spain.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 11:30:06 -08:00
Tom Eastep
8c981e0464
Cleanup of install scripts based on feedback from Mr. Dash4
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 10:08:42 -08:00
Tom Eastep
76f8a9e171
Update the Install article for 4.5.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 09:02:04 -08:00
Tom Eastep
30cf344be0
Unify 4.4/4.5 documentation Index
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-12 11:47:08 -08:00
Tom Eastep
892f4417b3
Update build doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-05 08:06:02 -08:00
Tom Eastep
8d9b1d50d1
Change zone ordering in the IPSEC doc.
...
- Place net before vpn so that pppoe users who blindly copy examples won't
get mis-ordered nested zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-21 05:51:28 -08:00
Tom Eastep
4f90736601
Update multi-ISP doc for automatic .status file generation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-17 07:30:13 -08:00
Tom Eastep
5c596ed715
Update Shorewall Perl doc.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-17 07:24:29 -08:00
Tom Eastep
7060c1350f
Add 'ttl' to Debian tunnel configurations.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-16 10:31:05 -08:00
Tom Eastep
58bf562747
Generate load rules at runtime rather than at compile time.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-15 19:23:44 -08:00
Tom Eastep
7316a2c51a
Implement 'load=<load-factor>' in providers file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-13 16:37:05 -08:00
Tom Eastep
23c4ebf2a0
Correct FAQ 2a
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-12 16:49:32 -08:00
Tom Eastep
aff1e4ef0a
Correct ethtool commands in the FAQ
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-10 17:28:56 -08:00
Tom Eastep
58a0b9b5c1
Rename route_rules to rtrules -- phase 2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-09 07:19:10 -08:00
Tom Eastep
4c2df6fea7
Rename route_rules to rtrules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-09 06:38:55 -08:00
Tom Eastep
123db94b71
Remove empty cell in documentation index
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-04 12:25:13 -08:00
Tom Eastep
4912199396
Shorewall 4.5 Documentation Updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-02 10:19:07 -08:00
Tom Eastep
b367fb46af
Add a caution to the Getting Started Doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-29 07:49:40 -08:00
Tom Eastep
1f051314b3
Update network diagram
2011-12-17 14:11:56 -08:00
Tom Eastep
57d0550311
Document use of .conf options as variables.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-17 07:40:43 -08:00
Tom Eastep
4abd626b32
New IPv6 network diagram
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-12 10:35:03 -08:00
Tom Eastep
6bb487bb68
Pass $CONFIG_PATH to compiler.pl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-02 07:36:23 -08:00
Tom Eastep
1a968ec734
Add routefilter to one-armed router section
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-21 05:54:51 -08:00
Tom Eastep
4a7d4d6abc
Bring the upgrade issues doc up to date
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:46:02 -08:00
Tom Eastep
88a883da71
Update references to WIDE_TC_MARKS and HIGH_ROUTE_MARKS
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 08:45:47 -08:00
Tom Eastep
5097d36a33
Update Packing Marking doc for this release
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 07:41:17 -08:00
Tom Eastep
83d7cfa76a
Update documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 15:18:43 -08:00
Tom Eastep
d053faadde
Allow convertion of a legacy blacklist configuration
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-08 12:59:40 -08:00
Tom Eastep
0a605c63f2
Add note about separate blacklist file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-31 08:46:11 -07:00
Tom Eastep
e997b7e662
Update Build doc to reflect change to 'setversion'.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-30 05:26:23 -07:00
Tom Eastep
5e97dc1954
Fold long lines in the FAQ
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-25 14:28:18 -07:00
Tom Eastep
3ce5449257
Change the Caution at the top of the FAQs to refer to 4.4 rather than 4.3
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-24 06:23:33 -07:00
Tom Eastep
54ba4ed879
Add MARK column to route_rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-23 07:56:53 -07:00
Tom Eastep
2316162d86
Fix last section of two-interface doc
2011-10-22 16:22:44 -07:00
Tom Eastep
cb13c02731
Fix last section of two-interface doc
2011-10-22 16:15:36 -07:00
Tom Eastep
18161b54e8
Update network graphics
2011-10-20 10:02:58 -07:00
Tom Eastep
efb768464c
Add FAQ 97a
2011-10-14 11:27:44 -07:00
Tom Eastep
1052b481f3
Mention IP_FORWARD=On in FAQ 1g
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-11 15:33:32 -07:00
Tom Eastep
a10909f791
Enhance FAQ 15
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-10 16:51:04 -07:00
Tom Eastep
6d56a8aa45
Merge branch '4.4.24'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-10 06:57:05 -07:00
Tom Eastep
668926c2a6
Add BALANCE_TABLE.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-09 09:00:14 -07:00
Tom Eastep
809f27decd
More alternate-specification fixes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-09 07:06:01 -07:00
Tom Eastep
8115934adf
More alternate-specification fixes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-09 07:05:08 -07:00
Tom Eastep
092da7ce67
Add proxyndp to 'pairs' documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-07 15:14:23 -07:00
Tom Eastep
109bed7037
Add proxyndp to 'pairs' documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-07 15:07:09 -07:00
Tom Eastep
835a056eb8
Implement BLACKLIST section in the rules file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 16:02:01 -07:00
Tom Eastep
0a5d5821ec
Support additional forms of column/value pair specification
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 11:45:55 -07:00
Tom Eastep
072f4752fc
Get rid of minimum column requirement
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 09:56:25 -07:00
Tom Eastep
5aa4534fbe
Correct copyright date in the Shorewall Lite doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-29 07:20:01 -07:00
Tom Eastep
765ec27fbb
Correct URL in the Documentation Index
2011-09-27 18:34:23 -07:00
Tom Eastep
a3d4edfd1f
Reorganize Shorewall Lite docs
2011-09-27 18:13:57 -07:00
Tom Eastep
37da8b5808
Rename and refine Shorewall Lite doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-27 15:44:19 -07:00
Tom Eastep
11064202a5
Update features
2011-09-26 17:32:06 -07:00
Tom Eastep
2b7515f434
Refer manpage readers to the 'Pairs' information
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 10:16:52 -07:00
Tom Eastep
9a4dfc4394
Implement an alternate way of specifying column contents.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-25 17:08:53 -07:00
Tom Eastep
dbf5f17b41
More tweaks to switch implementation.
...
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 07:34:58 -07:00
Tom Eastep
12bfc14c5f
More SWTICH changes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 14:44:20 -07:00
Tom Eastep
caddd65412
Rename condition->switch and add more documentation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 12:33:55 -07:00
Tom Eastep
cf80dc8858
Document OpenVZ brokenness on Squeeze
2011-09-21 19:27:38 -07:00
Tom Eastep
e894e15fa1
More netmap updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 08:28:04 -07:00
Tom Eastep
379d1d3201
Document how to use IPv6 netmap
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 10:56:11 -07:00
Tom Eastep
dd836507e0
Correct capitalization (SHARED->Shared)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-16 10:27:49 -07:00
Tom Eastep
551f93762d
Correct two typos in the Proxy ARP doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:46:50 -07:00
Tom Eastep
a16986ddc3
s /filter/sfilter/ in FAQ 17
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-05 17:24:42 -07:00
Tom Eastep
88e28775c9
Document SAFESTOP in FAQ 73.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-04 07:49:04 -07:00
Tom Eastep
678f6b4091
Add FAQ 97 about low TC outbound bandwidth
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-01 10:48:48 -07:00
Tom Eastep
d08ddd30ff
Update copyright in Documentation Index
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-31 07:59:05 -07:00
Tom Eastep
8b67052e5d
Add LXC.html to the documentation index and provide Graphic
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-31 07:49:43 -07:00
Tom Eastep
751094f408
Remove my email address from the LSM sample config
2011-08-31 07:07:25 -07:00
Tom Eastep
528f2b0aa2
Implement enable and disable commands for IPv4
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-25 16:00:27 -07:00
Tom Eastep
0b2a8b12c7
Implement Stateless NAT support.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-14 12:01:17 -07:00
Tom Eastep
f49ae2762b
Correct typos in Macros HOWTO
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-12 14:49:34 -07:00
Tom Eastep
c923dfdade
Correct Port Knocking HOWTO for iptables 1.4.12
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-09 16:22:46 -07:00
Tom Eastep
58f9a66587
Add FAQ 96 re: DISABLE_IPV6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-02 07:33:01 -07:00
Tom Eastep
db8092d71e
Update VPN Basics Doc
2011-07-30 09:16:26 -07:00
Tom Eastep
9e6fd39145
Corrections to OPENVPN doc.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-30 06:57:55 -07:00
Tom Eastep
15a88f962f
Add a FAQ regarding $FW
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-14 07:48:51 -07:00
Tom Eastep
0ab7e06f84
Document renaming of scripts in the Build document
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 15:15:06 -07:00
Tom Eastep
92e244f1b8
Mention reversed interfaces in FAQ 1b.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 09:32:38 -07:00
Tom Eastep
290e5d3cfd
Add the release repository to the Build document
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 16:03:10 -07:00
Tom Eastep
7cb3392e3d
Expand explaination of rate limiting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 09:53:56 -07:00
Tom Eastep
aa31e52b96
Show alternative message for partial PORT or PASV reply
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-07 06:43:07 -07:00
Tom Eastep
d31e2d67ba
DEFAULTS directive enforces max number of parameters
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 07:22:29 -07:00
Tom Eastep
ef848a559c
Correct TPROXY documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-30 06:36:48 -07:00
Tom Eastep
bd2cbfc5e2
Correct typo in the Manual Chains HOWTO
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-28 07:45:49 -07:00
Tom Eastep
67b8a10879
Correct parameterized default action in the FAQ
2011-06-25 10:26:45 -07:00
Tom Eastep
6cc2503f60
More FAQ updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 08:23:32 -07:00
Tom Eastep
961b9b5e6d
More FAQ cleanup
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 07:44:13 -07:00
Tom Eastep
8b61e4500a
Documentation Updates (mostly FAQ)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 13:40:50 -07:00
Tom Eastep
6da5380230
Update troubleshooting doc for -T option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 11:48:14 -07:00
Tom Eastep
0d2e2a14d3
Document additional parameters to standard default actions and DEFAULT in macro files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 08:05:13 -07:00
Tom Eastep
44599530ea
Remove warnings about duplicate zone/interface dynamic hosts
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 18:27:18 -07:00
Tom Eastep
c112f2381e
Document IPv6 Dynamic Zones
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 10:59:14 -07:00
Tom Eastep
f7322a674d
Update ipset doc with Shorewall6 and Shorewall-init info.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 15:00:48 -07:00
Tom Eastep
a4b77d7267
Update compiler.pl documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 07:56:03 -07:00
Tom Eastep
6f3497e353
Update Audit.xml with parameterized standard action info
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 06:50:18 -07:00
Tom Eastep
b7a3142620
Document parameterized default actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 15:25:48 -07:00
Tom Eastep
0cb98737f7
Document DEFAULTS
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:29:25 -07:00
Tom Eastep
642319d706
Change annotated documentation default
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 15:40:21 -07:00
Tom Eastep
c42c6864b4
Don't modify the .conf file installed in configfiles.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 09:46:22 -07:00
Tom Eastep
4436d479b4
Extend FAQ 4
2011-06-05 17:58:20 -07:00
Tom Eastep
b20156de9e
Add note about 'burst' to the complex TC doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-05 06:33:33 -07:00
Tom Eastep
818b927b73
Make Kernel Config article unmaintained
2011-06-04 06:31:25 -07:00
Tom Eastep
eba1473600
Change heading in the Documentation Index
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-03 07:39:08 -07:00
Tom Eastep
c3600eb814
Document -p and PLAIN
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-02 06:43:23 -07:00
Tom Eastep
0287d96aa2
Finish filtering implementation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-26 13:38:44 -07:00
Tom Eastep
704f3fdd55
Document audited default actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 07:24:15 -07:00
Tom Eastep
5d04c93a16
Implement LEGACY_FASTSTART option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 15:36:29 -07:00
Tom Eastep
e511c5a8d5
Corrections to Audit documents
2011-05-22 10:25:43 -07:00
Tom Eastep
a8fd3281d9
Add CONFIG_PATH section
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 08:59:05 -07:00
Tom Eastep
57d276f0b3
Add default action example
2011-05-22 08:02:23 -07:00
Tom Eastep
b844fc3107
Correct typo in Audit doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 06:10:58 -07:00
Tom Eastep
ad050763cc
Documentation update 2 for AUDIT support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-21 17:22:19 -07:00
Tom Eastep
e940f5018e
Implement whitelisting.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-18 08:30:01 -07:00
Tom Eastep
8ec33cd6dd
Update accounting documentation
2011-05-17 18:35:28 -07:00
Tom Eastep
fd70e73d34
Add ACCOUNTING_TABLE option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-17 12:51:33 -07:00
Tom Eastep
43a21e122a
Update Install doc with absolute path name info
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-14 07:20:38 -07:00
Tom Eastep
02baf94246
Fix typo in starting/stopping doc
2011-05-08 05:44:24 -07:00
Tom Eastep
68fe7c733e
Correct ipset allowed characters
2011-04-11 10:02:18 -07:00
Tom Eastep
c902045348
Document method of turning off TSO/GSO
2011-04-11 09:49:48 -07:00
Tom Eastep
5734c84499
Documentation updates
2011-04-11 09:37:50 -07:00
Tom Eastep
f2d5e79684
Add link to 2011 Linuxfest Doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-04-10 15:25:52 -07:00
Tom Eastep
6e7a7b7f39
Clarify what Shorewall UPnP does and does not do
2011-04-10 10:29:10 -07:00
Tom Eastep
81437b2bb1
Don't mention downloads in the complex TC doc
2011-04-04 19:01:06 -07:00
Tom Eastep
6b93ff3a91
Clarify Debian file location
2011-04-03 19:32:39 -07:00
Tom Eastep
a47357a6e8
Re-add LXC doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-04-03 10:27:52 -07:00
Tom Eastep
cc633c5bd9
Shorewall 4.4.19 Changes
2011-04-03 09:56:30 -07:00
Tom Eastep
d7fb4e8ed9
More corrections to Tuomo's Example
2011-03-02 07:13:14 -08:00
Tom Eastep
e2c8d7b3e1
Correct Tuomo's workaround description
2011-03-01 14:04:06 -08:00
Tom Eastep
b7b1d5a7ab
Link Proxy NDP section to the Vserver example of same
2011-02-28 13:40:20 -08:00
Tom Eastep
323fef9b51
Add additional info to the Vserver NDP section
2011-02-28 13:38:03 -08:00
Tom Eastep
cb94ca821e
Correct typo
2011-02-28 13:08:28 -08:00
Tom Eastep
e9a3dc85fc
Add proxy NDP example to the Vserver article
2011-02-28 13:05:04 -08:00
Tom Eastep
ac45a9b392
Fix typo in the Lenny->Squeeze doc
2011-02-19 09:28:09 -08:00
Tom Eastep
e47cb61c33
Introduce 'accountfwd' chain for forwarded accounting in sectioned configuration
2011-02-18 15:44:55 -08:00
Tom Eastep
da1ae7d301
Add bleve's tip to the MultiISP doc
2011-02-18 09:02:56 -08:00
Tom Eastep
e5fb8b0a35
Add Simple TC warning to the Lenny->Squeeze article
2011-02-12 20:02:54 -08:00
Tom Eastep
5c0b592934
Section the accounting file
2011-02-12 12:47:15 -08:00
Tom Eastep
27add33ff3
Add 'show ipa' to Accounting doc
2011-02-10 13:54:51 -08:00
Tom Eastep
f5a39a4aa8
Updates for new release model
2011-02-07 16:32:51 -08:00
Tom Eastep
b4b59119ef
Don't allow non-accounting chain in the CHAIN accounting column
2011-02-07 16:32:38 -08:00
Tom Eastep
2c2fdab0fe
Rename USE_LOCAL_MODULES to EXPORTMODULES
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-02-06 08:42:35 -08:00
Tom Eastep
98e3827246
Remove rant in getting started doc
2011-02-04 06:45:53 -08:00
Tom Eastep
ea2c72d1b1
Prepare for 4.4.17
2011-02-04 06:44:02 -08:00
Tom Eastep
b61ad28897
Add threat to GettingStarted doc
2011-02-03 20:38:41 -08:00
Tom Eastep
ac13be4ed4
Add rate-limiting example to rules manpages
2011-02-03 13:26:41 -08:00
Tom Eastep
ae4d675d0d
Document chain name length restriction
2011-01-31 07:07:10 -08:00
Tom Eastep
a9f5721851
Add OpenSuSE 11.3 to distros tested with per-IP accounting
2011-01-31 06:55:59 -08:00
Tom Eastep
a026ffabe1
Add iptaccount -l example with output
2011-01-30 14:04:26 -08:00
Tom Eastep
2cf3d15d45
Mention the iptaccount --help command
2011-01-30 10:46:35 -08:00
Tom Eastep
303afe8c7e
Some accounting fixes (code and docs)
2011-01-30 09:39:14 -08:00
Tom Eastep
26cea4336e
Document per-IP accounting
2011-01-30 08:33:06 -08:00
Tom Eastep
156b04c380
Implement Run-time Address Variables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-01-26 09:08:48 -08:00
Tom Eastep
4098535a43
Revise info about mis-using Vserver zones
2011-01-23 12:47:13 -08:00
Tom Eastep
d5b0a39b45
Add some info about mis-using Vserver zones
2011-01-23 09:45:06 -08:00
Tom Eastep
a7dd95d394
Add some info about mis-using Vserver zones
2011-01-23 09:43:35 -08:00
Tom Eastep
228eeabb7d
More explainations in the Simple TC doc
2011-01-23 08:36:45 -08:00
Tom Eastep
7b73323301
Add more introductory material to the Simple TC document
2011-01-23 07:53:56 -08:00
Tom Eastep
a2b440b093
Add USE_LOCAL_MODULES option
2011-01-22 08:13:17 -08:00
Tom Eastep
985fd990c6
Update Shorewall-4 with info about shorewall-init
2011-01-22 07:30:40 -08:00
Tom Eastep
d0858f6034
Add module-loading section to Shorewall-lite doc
2011-01-21 15:49:28 -08:00
Tom Eastep
3a2da73808
Document INCLUDE changes in the basics doc
2011-01-15 15:56:20 -08:00
Tom Eastep
265ca85d02
Allow INCLUDE in extension scripts
2011-01-15 15:43:45 -08:00
Tom Eastep
4a69ad35ee
Resolve conflicts -- take 2
2011-01-13 19:24:15 -08:00
Tom Eastep
edde07fd85
Resolve conflects
2011-01-13 19:01:44 -08:00
Tom Eastep
fce558d97e
Correct 'shorewall-common' references in the quickstart guides
2011-01-13 18:53:03 -08:00
Roberto C. Sanchez
28682a2428
eliminate obsolete references to shorewall-common
2011-01-13 20:02:19 -05:00
Tom Eastep
08f09d7de0
Deprecate EXPORTPARAMS
2011-01-09 10:12:36 -08:00
Tom Eastep
97672455b2
Correct typo in the FAQ
2011-01-09 09:18:21 -08:00
Tom Eastep
3c4336da58
Enhance DNAT documentation again
2011-01-07 10:27:35 -08:00
Tom Eastep
a8084370b6
Correct bridge example in the OPENVPN doc
2011-01-05 06:57:42 -08:00
Tom Eastep
6a7dad5e18
Merge branch 'master' into 4.4.16
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-27 12:32:28 -08:00
Tom Eastep
79cbfd0126
Allow '--' to specify '-' as an action parameter
2010-12-26 17:03:05 -08:00
Tom Eastep
4111432a52
Implement optional action parameters
2010-12-26 16:13:53 -08:00
Tom Eastep
31bd00e42e
Document parameterized actions
2010-12-26 08:59:31 -08:00
Tom Eastep
29da130eef
Add a note about the SOURCE and DEST columns
2010-12-24 14:03:55 -08:00
Tom Eastep
a51eac91b0
Add documentation for parameterized actions
2010-12-22 15:09:54 -08:00
Tom Eastep
880a94e42f
Update documentation regarding Hack removal
2010-12-14 11:19:17 -08:00
Tom Eastep
aba63d5c9b
More action/macro documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-13 09:06:29 -08:00
Tom Eastep
e8b26236e2
Shuffle the Compiled Program article
2010-12-12 19:00:15 -08:00
Tom Eastep
b786da4abb
Document lack of configfiles/ in Debian
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-12 08:45:54 -08:00
Tom Eastep
48b00d719e
Complete Proxy NDP implementation
2010-12-11 10:04:07 -08:00
Tom Eastep
2f70c0b71a
Add Optional/Required interface section to the config basics doc
2010-12-09 10:04:52 -08:00
Tom Eastep
627733d925
Mention DHCPfwd in the DHCP doc - TAKE 2
2010-12-01 11:39:48 -08:00
Tom Eastep
b573826226
Mention DHCPfwd in the DHCP doc
2010-12-01 11:37:40 -08:00
Tom Eastep
c0ba395276
Update IPSEC title
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-28 10:00:31 -08:00
Tom Eastep
095345f95c
Mention 'weak host model' in the Fool's firewall article
2010-11-27 11:14:51 -08:00
Tom Eastep
681529b664
Clarify 'switch' in the Fool's firewall article
2010-11-27 11:01:20 -08:00
Tom Eastep
2702d7f208
Implement header matching
2010-11-24 10:46:06 -08:00
Tom Eastep
972d00c300
Add another SNAT virtual alias example
2010-11-22 12:04:20 -08:00
Tom Eastep
93f9e8914c
Add another SNAT virtual alias example
2010-11-22 11:59:59 -08:00
Tom Eastep
9b31906c6c
Update bogus link in the features page
2010-11-21 21:40:56 -08:00
Tom Eastep
6083693181
Tweak FAQ 16c - LOGFILE
2010-11-21 19:37:54 -08:00
Tom Eastep
fdd1500971
Add FAQ 16c - LOGFILE
2010-11-21 12:05:28 -08:00
Tom Eastep
a17c47b017
Add FAQ 16b - dmesg
2010-11-21 10:48:23 -08:00
Tom Eastep
eac128b5e2
Add routes file to manpage indexes; modify links in the features page
2010-11-20 13:51:16 -08:00
Tom Eastep
e052951890
More /etc/shorewall/routes documentation
2010-11-17 17:27:48 -08:00
Tom Eastep
4ca1098e3e
Be more explicit about route rules with SOURCE lo
2010-11-15 21:03:53 -08:00
Tom Eastep
17cc0bad45
Mention IPv6 in the tcfilters section
2010-11-15 12:38:28 -08:00
Tom Eastep
c9737930a2
Complete Shared TC documentation
2010-11-14 14:48:16 -08:00
Tom Eastep
a1e3683651
Documentation updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-10 14:38:55 -08:00
Tom Eastep
8c1bdc803b
Fix typo in address-type section; add faq 94
2010-11-04 09:57:33 -07:00
Tom Eastep
e9b7b8acad
Add address-type info to config file basics doc
2010-11-03 16:31:50 -07:00
Tom Eastep
5b7a2f002a
Add helpers file to advice about modifying loaded modules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-03 12:47:50 -07:00
Tom Eastep
d3f729c56e
Clarify applications running on the firewall section
2010-10-27 15:51:29 -07:00
Tom Eastep
54fdce9e22
Fix typos in Introduction
2010-10-26 07:32:50 -07:00
Tom Eastep
0f1370f265
Correct typo in upgrade issues
2010-10-21 07:57:39 -07:00
Tom Eastep
959b8f5167
Revise Vserver article
2010-10-10 08:29:19 -07:00
Tom Eastep
aad8a7b213
Clear FORWARD_CLEAR_MARK setting in the remaining config files
2010-10-09 11:31:19 -07:00
Tom Eastep
38851fe446
Delete obsolete options from shorewall.conf
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-04 07:44:28 -07:00
Tom Eastep
ac8c7ed7d4
Updating bridge documents
2010-10-03 14:12:38 -07:00
Tom Eastep
2599e44fca
More Tweaks to FAQ 93
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 13:03:11 -07:00
Tom Eastep
4c1c63617b
Tweak FAQ 93
2010-10-03 12:56:09 -07:00
Tom Eastep
e62033ed13
Add FAQ 93 re bridging.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 12:52:46 -07:00
Tom Eastep
cee05d9763
Refine -lite handling of scfilter.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 12:52:30 -07:00
Tom Eastep
432534a650
Eliminate need to restart -lite to extract scfilter
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 10:56:55 -07:00
Tom Eastep
5b86cbdabf
Document scfilter in the Extensions Scripts Doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 12:29:41 -07:00
Tom Eastep
468c918121
Correct grammar in FAQ 92
2010-09-28 08:05:18 -07:00
Tom Eastep
a7be406fb9
Add FAQ 92
2010-09-28 08:04:02 -07:00
Tom Eastep
26ec7cee1d
Update ipset doc with multiple match syntax
2010-09-21 06:59:55 -07:00
Tom Eastep
c21a4d786d
add ipset manpage to the index
2010-09-20 16:00:19 -07:00
Tom Eastep
1d650b41cd
Remove blacklisting by destination IP address support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-15 15:24:58 -07:00
Tom Eastep
2ff06f5f0a
Update simple TC doc
2010-09-14 07:59:01 -07:00
Tom Eastep
9f786b7c59
Delete mention of triggers in ipset doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-12 08:01:54 -07:00
Tom Eastep
b937290740
Add version cautions to blacklisting doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-12 07:58:13 -07:00
Tom Eastep
7e8979157c
Update Features Page re: Virtualization
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-08 15:47:23 -07:00
Tom Eastep
2cb5aaeb07
Correct interface reference
2010-09-08 13:12:19 -07:00
Tom Eastep
a4606bee80
Pretty up Network Diagram -- exchange caption location
2010-09-08 12:57:35 -07:00
Tom Eastep
bbe5dae9b0
Pretty up Network Diagram some more
2010-09-08 12:44:40 -07:00
Tom Eastep
0907a7b6c2
Pretty up Network Diagram
2010-09-08 12:38:14 -07:00
Tom Eastep
7f72d66b90
A couple of documentation updates
2010-09-08 11:55:16 -07:00
Tom Eastep
8853de0c2e
Fix links to secmark manpages
2010-09-07 15:03:05 -07:00
Tom Eastep
8d63e04926
Yet more docunentation updates
2010-09-06 20:37:34 -07:00
Tom Eastep
50b4bd8dfe
More Blacklist and Secmark documentation updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-06 17:26:49 -07:00
Tom Eastep
c6f58ba924
Enhance SELinux support:
...
- Add state match
- Add user/group match
- Add examples to the man pages
2010-09-06 09:06:40 -07:00
Tom Eastep
f93413b2a7
Update Multi-ISP doc for variable name change in 4.4.8.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-31 15:33:22 -07:00
Tom Eastep
8077c9e1c3
Add FAQ 91
2010-08-30 11:07:37 -07:00
Tom Eastep
c2558af9c8
Document and correct implementation of EXCLUSION_MASK
...
1. Require KLUDGEFREE if existing rule uses mark match
2. Pretty up the code
3. Use MASK_BITS rather than TC_BITS when calculating the offset of EXCLUSION_MASK
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-28 08:29:47 -07:00
Tom Eastep
6b0fa8b4e2
Change note about MARK_IN_FORWARD_CHAIN
2010-08-19 15:33:12 -07:00
Tom Eastep
baf8e21a80
Add reference to manual chains article for the compile extension
2010-08-17 09:23:43 -07:00
Tom Eastep
bc19a80ac4
Correct FAQ 2 for Shorewall-lite
2010-08-14 07:14:52 -07:00