Commit Graph

9085 Commits

Author SHA1 Message Date
Tom Eastep
46644a0336 Add instructions for disabling existing firewalls 2010-07-21 11:49:37 -07:00
Tom Eastep
d897635af5 Allow bizarre overriding of SOURCE/DEST with ipsets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-20 16:03:12 -07:00
Tom Eastep
1de257be19 Make ADD and DELETE work with any type of ipset.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-20 15:42:11 -07:00
Tom Eastep
c9423491f2 Don't mention 4.5 on Manpages page 2010-07-19 15:11:55 -07:00
Tom Eastep
8eeb71dc1b Fix inconsistencies in manpages 2010-07-19 14:45:05 -07:00
Tom Eastep
79128605b1 Validate all IPSET Names 2010-07-18 17:18:10 -07:00
Tom Eastep
cbb524b067 Implement ADD/DEL commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-18 08:46:38 -07:00
Tom Eastep
d2bb96be88 Emphasize that you must have a Nic to post on the Shorewall channel 2010-07-18 07:34:03 -07:00
Tom Eastep
47961f3fd5 Update release notes to mention link local network error
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-16 10:19:29 -07:00
Tom Eastep
d99aff5e09 Use Perl Constants rather literals for IPv6 Networks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-16 10:06:29 -07:00
Tom Eastep
27937f32e3 Document IPv6 multicast network fix 2010-07-16 09:37:38 -07:00
Tom Eastep
17bdcc1360 Eradicate incorrect multicast network address 2010-07-16 09:33:17 -07:00
Tom Eastep
e0ae48f4c4 Document fix for IPv6 shorecap program
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-15 13:32:10 -07:00
Tom Eastep
4768b0890e Fix bug in Shorewall6-lite/shorecap 2010-07-15 12:50:35 -07:00
Tom Eastep
9977f778ad Link to a better Netfilter Diagram 2010-07-15 11:07:14 -07:00
Tom Eastep
e4d35ee3cb Add 'yes' to valid ipsec options in /etc/shorewall/masq 2010-07-14 07:01:18 -07:00
Tom Eastep
f92f75196c Correct accidental modification of action.Drop 2010-07-14 06:27:27 -07:00
Tom Eastep
a29921c9d2 Reverse order of ICMPv6 and Multicast/anycast filtering 2010-07-13 13:03:55 -07:00
Tom Eastep
d447482dd6 Fix typo in rules manpages 2010-07-13 07:37:14 -07:00
Tom Eastep
b52b7c422f Drop multicast and anycast in Drop and Reject actions 2010-07-12 16:44:34 -07:00
Tom Eastep
c1b212225e Use uniform coding style in latest changes 2010-07-12 13:07:11 -07:00
Tom Eastep
328e1b7f6a Don't generate rules to link local net from vserver zones 2010-07-12 12:39:51 -07:00
Tom Eastep
59189d6324 Don't generate rules from link local net to vserver zones 2010-07-12 11:52:56 -07:00
Tom Eastep
eff84ae8a6 Add warning about ff80::/10 in shorewall6-interfaces manpage 2010-07-12 11:19:11 -07:00
Tom Eastep
4792d1e5f1 Fix nets= in Shorewall6 2010-07-11 19:52:18 -07:00
Tom Eastep
5a5546ef1b Set version to 4.4.11 2010-07-09 09:01:08 -07:00
Tom Eastep
d0c1c3d69c Change comment to clarify assumption about function arguments 2010-07-08 17:45:18 -07:00
Tom Eastep
9eca7fb37b Simplify logic in loopback helper functions 2010-07-08 17:11:27 -07:00
Tom Eastep
8d5f04d5a5 Correct TC_PRIO description in shorewall.conf and shorewall6.conf manpages 2010-07-07 15:35:26 -07:00
Tom Eastep
591a4bc7f6 Revert version of modules with only whitespace changes; rename a couple of functions for clarity 2010-07-07 06:43:07 -07:00
Tom Eastep
74092a9b14 Restrict Shorewall6 netstat call to IPv6 only 2010-07-06 06:42:37 -07:00
Tom Eastep
ecd22d34fa Reword warning message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-05 13:15:13 -07:00
Tom Eastep
35a4b8e7f4 Update Vserver FAQ
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-05 13:12:06 -07:00
Tom Eastep
02fab09a14 Add PERL= option to shorewall.conf and shorewall6.conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-05 13:11:52 -07:00
Tom Eastep
4547067da9 Document fix for missing closing quote 2010-07-05 11:43:37 -07:00
Tom Eastep
31a9d24164 Fix missing quote when REQUIRE_INTERFACE=Yes 2010-07-05 09:47:03 -07:00
Tom Eastep
f977631af9 Just reset provider bits in FORWARD chain 2010-07-05 09:46:24 -07:00
Tom Eastep
b445b4fdd9 Fix compiler detection of FWMARK_RT_MASK -- take 2 2010-07-05 08:51:13 -07:00
Tom Eastep
0e87ccbcfd Fix compiler detection of FWMARK_RT_MASK 2010-07-05 08:39:32 -07:00
Tom Eastep
542557069e Back out a couple of harmless but unintended changes 2010-07-05 08:02:51 -07:00
Tom Eastep
aa6bb6e911 Improve wording of FORWARD_CLEAR_MARK description 2010-07-05 07:53:31 -07:00
Tom Eastep
898c3a045f Bump version to RC1 2010-07-05 07:08:06 -07:00
Tom Eastep
6a644716c9 Unconditionally use /usr/bin/perl 2010-07-04 17:13:33 -07:00
Tom Eastep
312624cef5 Fix NET3 bug (netmap) 2010-07-04 15:58:37 -07:00
Tom Eastep
7689831cd7 Minor cleanup of 4.4.11 Beta 3.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-04 09:29:16 -07:00
Tom Eastep
2ee4fd8f5a Add FWMARK_RT_MASK capability.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-04 09:08:04 -07:00
Tom Eastep
d3e30b5fe4 Add FORWARD_CLEAR_MARK option 2010-07-03 17:03:42 -07:00
Tom Eastep
5d1e19364a Bump version to Beta 3 2010-07-03 10:54:39 -07:00
Tom Eastep
148b251766 Only send loopback traffic to the 'loopback' chain 2010-07-03 10:53:25 -07:00
Tom Eastep
21ce6f9b84 Add new zone-list function to return all but firewall zone.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-03 08:33:10 -07:00