teastep
473f7d7361
Back out first round of modularization
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4445 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-08-27 17:27:48 +00:00
teastep
f9685d5ddd
Bring forward tcrules enhancements from 3.2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4369 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-08-17 16:10:09 +00:00
teastep
3d81581c01
Bring 3.2.2 Changes forward
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4320 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-08-08 23:03:06 +00:00
teastep
1eb563d8ee
Update shorewall.conf versions
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4258 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-07-21 02:20:13 +00:00
teastep
b4ded2a9ac
Remove dynamic zones (again)
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4231 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-07-18 13:27:28 +00:00
teastep
3f9c8996bb
Back out all post 3.2 changes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4229 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-07-16 23:06:18 +00:00
teastep
8c9e8cc75c
Normal start of new development thread (remove dynamic zones :-)
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4219 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-07-13 22:38:22 +00:00
teastep
fb89790044
Add 'shorewall show config' command to display distribution-specific defaults
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4130 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-06-17 15:58:48 +00:00
paulgear
aedfe429cf
Normalise SUSE nomenclature; spelling corrections
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4104 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-06-15 05:32:14 +00:00
teastep
bc0586aa4a
Fix typo in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4102 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-06-14 21:57:29 +00:00
teastep
412766ba52
Improve documentation of HIGH_ROUTE_MARKS in the configuration files
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3855 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-05-03 21:35:25 +00:00
teastep
f2f7edf404
Allow hex numbers in 'mark' column of the providers file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3850 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-05-03 20:37:35 +00:00
teastep
b3735408ef
Fiddle with comments in config files
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3785 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-04-11 22:20:09 +00:00
teastep
503aeea7df
Fix compilation failure on LEAF Bearing -- second pass; correct awkward wording in shorewall.conf comments
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3781 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-04-10 21:16:02 +00:00
teastep
912008e003
Subdivide mark fields for TC and Routing -- Phase I
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3772 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-04-04 22:56:51 +00:00
teastep
80e08e57e8
Add IMPLICIT_CONTINUE option to shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3723 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-03-24 00:05:09 +00:00
judas_iscariote
19a248d750
1. remove svn:executable property of some files.
...
2. put the French docs in it's own branch.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3609 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-03-01 02:00:43 +00:00
teastep
20d3f6afdc
Error with ESTABLISHED/RELATED rules and FASTACCEPT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-02-01 23:05:32 +00:00
teastep
bb7bf55a77
Fix typo in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-31 16:24:23 +00:00
teastep
c137f1992a
Rename VERBOSE to VERBOSITY
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3373 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-24 17:44:19 +00:00
teastep
33cc957521
Repair -v brain damage
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3371 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-24 16:10:41 +00:00
teastep
cf8344b26d
Allow default verbosity to be set in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-23 17:48:15 +00:00
teastep
248b26a7d8
Re-add dynamic zone capability
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3264 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-11 23:30:33 +00:00
teastep
1cb2d888e8
Remove dynamic zone capability from development branch
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3196 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-24 21:23:10 +00:00
teastep
98f828f1c9
Console-friendly shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3163 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-14 16:18:38 +00:00
teastep
1ed05f0fef
Change CLEAR_TC default to 'Yes'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-10 20:11:07 +00:00
teastep
3d0ec74fde
Clarifications and minor documentation corrections
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3108 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-01 22:27:18 +00:00
teastep
ee433d350d
Add upgrade warning to shorewall.conf -- Take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3105 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-01 21:26:41 +00:00
teastep
d395e177a1
Add upgrade warning to shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3104 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-01 21:11:23 +00:00
teastep
577389464f
Improve bridging instructions in config file comments
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3090 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-28 15:26:06 +00:00
teastep
532bb3df5e
Typo in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2874 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-13 18:12:55 +00:00
teastep
2fc9e1590e
Clean up MACLIST_TABLE mess in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2873 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-13 18:11:48 +00:00
teastep
7d97b536a6
Move MACLIST_TABLE to correct section of shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2850 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-11 16:49:13 +00:00
teastep
f7e2332fd3
Correct spelling of MACLIST_TABLE in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2847 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-10 21:29:24 +00:00
teastep
1af4d541a0
Add TC_ENABLED=Internal
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2836 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-09 15:47:47 +00:00
teastep
d680528283
Replace TC_ENABLED with TC_SCRIPT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2829 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-07 22:16:03 +00:00
teastep
a510a70124
Incomplete implementation of MACLIST_TABLE
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2815 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-06 20:01:51 +00:00
teastep
7870f16cb7
Bring tc4shorewall code into the firewall script
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2806 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-05 22:51:29 +00:00
teastep
a66d94d609
Fixes for IPP2P -- fix 'shorewall flush' and multi-ISP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2801 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-05 16:45:50 +00:00
teastep
340053a6bc
Require MARK_IN_FORWARD_CHAIN=Yes for multi-ISP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2792 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 17:40:09 +00:00
teastep
2b6a9bb843
Deimplement original 'netnotsyn' handling
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2766 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-01 15:55:41 +00:00
teastep
3daf8076ff
Add warning about side effects of ADD_SNAT_ALIASES and ADD_IP_ALIASES
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2749 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-29 15:37:15 +00:00
teastep
f6875e9da7
Alchemy -- zone file style
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2623 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-02 20:46:53 +00:00
teastep
738b45ad9e
Update the version number to 3.0 in all files
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-31 15:27:22 +00:00
teastep
370d61970a
Add FASTACCEPT option to accept ESTABLISHED/RELATED packets early
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-11 19:53:07 +00:00
teastep
ac1983a5da
Large cleanup patch from Tuomo Soini
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-02 16:46:30 +00:00
teastep
0a03598d11
Correct anachronistic reference in /etc/shorewall/shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2436 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-31 16:26:55 +00:00
teastep
b66929a65e
Large merge of function from EXPERIMENTAL to HEAD.
...
1) Elimination of the "shorewall monitor" command.
2) The /etc/shorewall/ipsec and /etc/shorewall/zones file are combined into
a single /etc/shorewall/zones file. This is done in an upwardly-compatible
way so that current users can continue to use their existing files.
3) Support has been added for the arp_ignore interface option.
4) DROPINVALID has been removed from shorewall.conf. Behavior is as if
DROPINVALID=No was specified.
5) The 'nobogons' option and BOGON_LOG_LEVEL are removed.
6) Error and warning messages have been made easier to spot by using
capitalization (e.g., ERROR: and WARNING:).
7) The /etc/shorewall/policy file now contains a new connection policy and a
policy for ESTABLISHED packets. Useful for users of snort-inline who want to
pass all packets to the QUEUE target.
8) A new 'critical' option has been added to /etc/shorewall/routestopped.
Shorewall insures communication between the firewall and 'critical' hosts
throughout start, restart, stop and clear. Useful for diskless firewall's
with NFS-mounted file systems, LDAP servers, Crossbow, etc.
9) Macros. Macros are very similar to actions but are easier to use, allow
parameter substitution and are more efficient. Almost all of the standard
actions have been converted to macros in the EXPERIMENTAL branch.
10) The default value of ADD_IP_ALIASES in shorewall.conf is changed to No.
11) If you have 'make' installed on your firewall, then when you use
the '-f' option to 'shorewall start' (as happens when you reboot),
if your /etc/shorewall/ directory contains files that were modified
after Shorewall was last restarted then Shorewall is started using
the config files rather than using the saved configuration.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2409 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-25 23:08:09 +00:00
teastep
b0e6e3a893
Given the large number of people shooting themselves in the foot with
...
poorly-written one-to-one NAT rules, I'm changing the shorewall.conf
file to set ADD_IP_ALIASES=No in shorewall.conf. Hopefully, this will
reduce the amount of whining about routing table modification during
"shorewall [re]start".
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-19 18:41:05 +00:00
teastep
318e204358
Re-implement MACLIST_TTL
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-17 22:08:15 +00:00