shorewall_code

mirror of https://gitlab.com/shorewall/code.git synced 2024-11-29 02:54:18 +01:00

Author	SHA1	Message	Date
Tom Eastep	a8937e6bc8	Correct harmless typo Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-09-18 10:06:41 -07:00
Tom Eastep	5e1cf17ebc	DOCKER-INGRESS support Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-09-17 10:57:29 -07:00
Tom Eastep	85a7ec6fe5	Correct module loading in the compiler Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-09-14 15:08:38 -07:00
Tom Eastep	2ed11c7e15	Default ADD_IP_ALIASES to 'No' in Shorewall6 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-09-12 11:55:53 -07:00
Tom Eastep	4f79d2e82b	Move and simplify handling of nat columns Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-09-12 10:53:04 -07:00
Tom Eastep	e6a2ba78a4	Correct handling of DEST column during action invocation Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-09-08 10:05:37 -07:00
Tom Eastep	1065c2951b	Allow NAT targets to be passed to the Event actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-09-08 09:46:03 -07:00
Tom Eastep	3b373f3f21	Correct handling of ipsets in the DEST column of the snat file - Also corrected handling of exclusion Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-09-06 11:30:42 -07:00
Tom Eastep	b54a691110	Improve dynamic gateway detection - Use provider's routing table, if any Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-23 15:04:47 -07:00
Tom Eastep	90f33dd436	Eliminate MODULE_SUFFIX Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-23 12:48:14 -07:00
Tom Eastep	34e4fffd7d	Module suffix changes - Re-order default list in the compiler to match lib.common - MODULE_SUFFIX="ko ko.xz" in standard .conf files. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-21 12:44:23 -07:00
Tom Eastep	419ff8903b	Invert logic in Shorewall::Chains::delete_reference() - better readability - similar change in Shorewall::Chains::adjust_reference_counts() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-19 12:25:27 -07:00
Tom Eastep	390ac30be8	Remove a superfluous line of code from Shorewall::Chains::format_rule() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-19 12:12:54 -07:00
Tom Eastep	8cb98f16ea	Add a comment in Shorewall::Chains::optimize_level8() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-19 08:08:24 -07:00
Tom Eastep	5a9f179e25	Allow port variables as the server port in DNAT rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-16 15:36:18 -07:00
Tom Eastep	8641d53bd1	Use MUTEX_TIMEOUT for ip[6]tables --wait interval Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-15 14:02:08 -07:00
Tom Eastep	7e3521e221	RESTORE_WAIT_OPTION Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-13 18:56:40 -07:00
Tom Eastep	ddefde2d10	Correct handling of address variables in DNAT rule. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-13 08:30:11 -07:00
Tom Eastep	1a2647618e	Allow runtime address variables as the server IP in DNAT rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-12 12:18:16 -07:00
Tom Eastep	72293883dd	Tabify the Zones module Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-12 11:28:14 -07:00
Tom Eastep	c31397532c	Verify that parent and child zones have a common interface Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-12 09:24:05 -07:00
Tom Eastep	d0861e813b	Make Shorewall's handling of '+' consistent with that of iptables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-12 08:22:57 -07:00
Tom Eastep	da62bd2b32	Use a hash slice in recently-added code Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-11 13:38:34 -07:00
Tom Eastep	a504820d19	Correct optimize level 8 handling of policy and policychain Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-07 16:56:30 -07:00
Tom Eastep	4c2c1bcdf1	Export CONFDIR and SHAREDIR to the generated script. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-06 13:42:01 -07:00
Tom Eastep	5589ab76d9	Add arguments to the enabled and disabled user exits Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-03 12:44:15 -07:00
Tom Eastep	6425e5ae5d	Remove superfluous white space in the generated script Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-08-02 14:09:05 -07:00
Tom Eastep	8521c6f750	Merge branch '5.1.5'	2017-08-02 14:02:03 -07:00
Tom Eastep	80e6cd8a2f	Add enabled and disabled user exits Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-29 15:15:57 -07:00
Tom Eastep	69a0061d0f	Correct handling of MAC addresses in the accounting file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-27 14:55:19 -07:00
Tom Eastep	eea3cca90c	Correct handling of USER/GROUP in the OUTPUT accounting section Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-27 09:01:46 -07:00
Tom Eastep	a420ef04d9	Correct tcfilter source port handling when BASIC_FILTERS=Yes Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-26 16:48:53 -07:00
Tom Eastep	2d0cb5c2d8	Process the snat file if the masq file is empty Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-07-06 09:09:52 -07:00
Tom Eastep	9d160d4342	Add RESTORE_DEFAULT_ROUTE to shorewall6.conf samples Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-27 15:50:56 -07:00
Tom Eastep	f050fc6e05	Avoid issues with Perl 5.30 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 20:57:48 -07:00
Tom Eastep	aee8c14ea6	Correct update setting of USE_NFLOG_SIZE Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 17:10:44 -07:00
Tom Eastep	ff2323b249	Add the USE_NFLOG_SIZE option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 16:54:14 -07:00
Tom Eastep	b4a06e9656	NFLOG_SIZE capability Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 13:44:26 -07:00
Tom Eastep	4122021344	Improve editing of port numbers/service names Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 07:44:23 -07:00
Tom Eastep	71d50e0217	Use --nflog-size rather than --nflog-range Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-25 07:43:39 -07:00
Tom Eastep	1b6f15d577	Correct multiple fallback providers Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-23 07:41:23 -07:00
Tom Eastep	2f5687c65a	Don't generate multihop routes unnecessarily Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-18 09:37:41 -07:00
Tom Eastep	62a60ad995	Add comments around functions moved from IPAddrs.pm to Chains.pm. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-14 12:26:22 -07:00
Tom Eastep	b1ba05db2b	Correct handling of port ranges and port variables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-12 17:07:55 -07:00
Tom Eastep	57f7cb4f3c	Runtime Port Variables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-12 11:55:56 -07:00
Tom Eastep	4cf60258af	Correct a runtime error with NFQUEUE. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-06-12 11:07:54 -07:00
Tom Eastep	965a8e8f68	Minor cleanup of the Config module Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-05-15 09:29:12 -07:00
Tom Eastep	eb26a467e9	Add snat and mangle to %config_files - Tabify initialization of %config_files Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-05-12 08:37:54 -07:00
Tom Eastep	bb70a3637b	Add PERL_HASH_SEED option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-05-02 07:51:37 -07:00
Tom Eastep	d4e05f6163	Correct handling of IPv6 tunnel-src and tunnel-dst Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-23 08:36:22 -07:00
Tom Eastep	6201f37913	Clarify <filename> in the generated script's header Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-18 16:45:17 -07:00
Tom Eastep	7ee44d6b4b	Correct a typo in the generated script's header syntax description Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-18 16:31:51 -07:00
Tom Eastep	363b8f9802	Correct validation of string interface options. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-13 06:48:14 -07:00
Tom Eastep	00d4724fd8	Some cleanup of the Chains module Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-04-05 20:14:13 -07:00
Tom Eastep	d2392c3a9b	Add IPv6 UPnP Support Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-24 09:54:36 -07:00
Tom Eastep	0763b27b0b	Correct a comment Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-22 15:59:55 -07:00
Tom Eastep	8b90827611	Minor cleanup of split_columns() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-22 10:18:07 -07:00
Tom Eastep	8507c97b5a	Clean up column/value pair editing. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-22 09:46:52 -07:00
Tom Eastep	a6306f2c08	?reset action param now sets parmsmodified. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-18 12:53:05 -07:00
Tom Eastep	bdcf93f92c	Report the call site when issuing messages from an action. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-17 17:08:19 -07:00
Tom Eastep	6b84727886	Delete useless blank line Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-17 13:26:07 -07:00
Tom Eastep	55cf06d0a8	Correct all+ handling in the policy file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-15 10:09:53 -07:00
Tom Eastep	5b85627fb8	Merge branch '5.1.3' Conflicts: Shorewall/Perl/Shorewall/Config.pm Shorewall6/Actions/action.Multicast	2017-03-14 14:16:47 -07:00
Tom Eastep	a447d726fa	Revert change which screwed up ?begin perl ... ?end perl line numbering Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-14 12:44:33 -07:00
Tom Eastep	fe29adbd66	Correct use of $family in combined actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-13 16:52:16 -07:00
Tom Eastep	0b8945da8e	Correctly handle expansion of option names Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-13 10:20:15 -07:00
Tom Eastep	da363880a9	Always quote the LEVEL and DEFAULT settings when updating Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-13 09:51:58 -07:00
Tom Eastep	037fe490f3	Process config options in file order during update. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-12 17:09:41 -07:00
Tom Eastep	b13014c9ab	Expand variables in .conf except when upgrading Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-11 11:21:07 -08:00
Tom Eastep	76aef6cb04	Correct generation of '! --syn' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-11 08:43:04 -08:00
Tom Eastep	4c72b3ee58	Make sure that $LOG_LEVEL is defined Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-10 11:06:23 -08:00
Tom Eastep	d9071c5308	Correct $LOG_LEVEL expansion Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-10 10:24:24 -08:00
Tom Eastep	49811d24fa	Correct convertion of tcrules->mangle when a writable mangle exists Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-07 15:21:45 -08:00
Tom Eastep	0ec7bc846e	Correct logging in inline policy actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-07 13:58:14 -08:00
Tom Eastep	8e000b158e	Correct the handling of tcp-reset Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-07 10:33:51 -08:00
Tom Eastep	f1d1ab6411	Implement tcp:!syn in PROTO column Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-07 10:33:20 -08:00
Tom Eastep	5f1370f1b4	Clear the firewall on Debian systemd 'stop' command Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-06 11:22:55 -08:00
Tom Eastep	dc53fa2665	Correct file/line from ?error Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-06 11:02:06 -08:00
Tom Eastep	356d3fa2dd	Correct new directives with respect to omitting Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-05 12:09:54 -08:00
Tom Eastep	80d93235b5	Eliminate builtin actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-05 12:09:33 -08:00
Tom Eastep	c1e7fce1c5	Report the file/line where action invoked Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-05 09:29:00 -08:00
Tom Eastep	63ec936f21	Remove determinism sorts	2017-03-04 19:05:33 -08:00
Tom Eastep	63cf7dd699	Revert "Move $test to the config module." This reverts commit `876d76b294`.	2017-03-04 18:45:40 -08:00
Tom Eastep	876d76b294	Move $test to the config module. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-02 11:42:07 -08:00
Tom Eastep	9075a6dd7a	Copy libs and footer when compiling for test Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-03-02 10:49:49 -08:00
Tom Eastep	118e4f73c9	Correct validation of LOG_LEVEL Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-19 10:25:44 -08:00
Tom Eastep	10b39f3855	Correct typo (allowMast -> allowMcast) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-19 10:25:27 -08:00
Tom Eastep	944888c04f	Handle broadcast and muticast separately Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-15 10:16:20 -08:00
Tom Eastep	48d301b2cf	Rename the policy LIMIT column to RATE Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-12 10:17:43 -08:00
Tom Eastep	735919d8d3	Add LOG_LEVEL option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-12 09:52:55 -08:00
Tom Eastep	977fa81d46	Make 'none' case-insensitive in policy action specifications Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-10 11:43:51 -08:00
Tom Eastep	7e984af094	Some cleanup of policy actions - Allow '+' in policy file action list Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-07 13:19:53 -08:00
Tom Eastep	dab9e1d7c4	Assume no default actions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-06 14:45:43 -08:00
Tom Eastep	b9471a2499	Correct parsing of the POLICY column Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-06 14:15:24 -08:00
Tom Eastep	b2553fb008	Another change to allow builtin actions as default actions. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-06 13:25:10 -08:00
Tom Eastep	92133e5a6b	Default-action lists Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-06 10:11:48 -08:00
Tom Eastep	686ca9d3a3	Allow builtin actions in xxx_DEFAULT settings. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-02-05 15:21:57 -08:00
Tom Eastep	70a395892f	Make BLACKLIST work correctly in the blrules file - Add the 'section' action option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-23 15:03:02 -08:00
Tom Eastep	2bbb5c8c1e	Add hack to distinguish between the BLACKLIST macro and action Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-23 09:23:26 -08:00
Tom Eastep	33b4ee4d31	Don't quote variable values in ERROR/WARNING/INFO directives Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-01-23 09:00:18 -08:00

1 2 3 4 5 ...

3916 Commits