Commit Graph

5087 Commits

Author SHA1 Message Date
Tom Eastep
48706695b6 Make the SNMP bi-directional with traps allowed in the reverse direction
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-30 14:25:51 -07:00
Tom Eastep
d838cf41bf Allow TTL and HL in the PREROUTING chain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-28 11:45:32 -07:00
Tom Eastep
3aca90811c Clear the current comment at the end of the blrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-27 07:29:47 -07:00
Tom Eastep
341dec0711 Another fix for the NOTRACK patch
- 3 defects in a two-line patch :-(
2012-08-26 09:17:57 -07:00
Tom Eastep
dc21d015da Clean up white-space in Togan's patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-26 08:27:24 -07:00
Tom Eastep
779243094e Map NOTRACK to 'CT --notrack' if CT_TARGET is available.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-26 08:08:57 -07:00
Togan Muftuoglu
906795a4d7 Suse specific patches
Hi Tom,

I have been patching shorewall packages for the opensuse releases, but I
guess it is better to send them to you . the upstream so it gets
incorporated into shorewall itself and I do not have to patch it ;)

I believe I have incorparted most of my patches in to this one. If you
can review them and if appropriate apply them that would be great

Thanks

Togan

>From 6072c08de753e7d1cc31bb758295dee198197e41 Mon Sep 17 00:00:00 2001
From: Togan Muftuoglu <toganm@opensuse.org>
Date: Fri, 24 Aug 2012 13:17:12 +0200
Subject: [PATCH] suse-specific

Signed-off-by: Togan Muftuoglu <toganm@opensuse.org>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-25 08:41:28 -07:00
Tom Eastep
3006452cea Unconditionally restore route mark in PREROUTING and OUTPUT.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-23 12:23:29 -07:00
Tom Eastep
dffd98dff7 Revert change that added CONTINUE as a valid content of the ADDRESSES column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-21 10:51:01 -07:00
Tom Eastep
64edd30a76 Correct link in shorewall[6].conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-21 07:54:51 -07:00
Tom Eastep
c20611b6c0 Add CONTINUE keyword to the masq file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-20 18:09:59 -07:00
Tom Eastep
1fd9e5e95c Compensate for silly RHEL bug
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-20 07:20:21 -07:00
Tom Eastep
99efb518bd Add the HELPER column to the rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-18 12:05:42 -07:00
Tom Eastep
1b7a7d0fdf Remove some more hard-coded directory names from the installers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-17 14:24:52 -07:00
Tom Eastep
7ac9e46e1f Add a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-16 15:49:33 -07:00
Tom Eastep
0a4f26a318 Correct handling of existing notrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-16 14:46:48 -07:00
Tom Eastep
8d3cf6428f Install the conntrack file unconditionally.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-16 10:50:23 -07:00
Tom Eastep
f6c4650624 Allow a notrack with nothing but FORMAT and COMMENT lines to be removed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-16 10:49:59 -07:00
Tom Eastep
3c35af9d8c Merge branch 'master' into 4.5.7 2012-08-16 08:34:54 -07:00
Tom Eastep
1e11109bb2 Don't combine rules with '-m policy'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-16 08:34:30 -07:00
Tom Eastep
f59612671b Don't optimize chains with '-m ipsec'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-16 07:33:01 -07:00
Tom Eastep
da4f7ee524 Handle ppp devices correctly in the 'enable' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-16 06:59:35 -07:00
Tom Eastep
b132176dae Correct reference adjustment in new opt4 code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-14 13:36:39 -07:00
Tom Eastep
1f59e4f449 Update case in conditionals.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-14 11:42:46 -07:00
Tom Eastep
8487c78a0a Adjust reference counts when splicing in short chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-14 08:34:51 -07:00
Tom Eastep
fdc45a990d Arrange for HELPER to match in the RELATED section.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 15:44:19 -07:00
Tom Eastep
44a550870c Add HELPER action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 13:23:38 -07:00
Tom Eastep
bd3295b0e3 Remove temporary hack
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 08:55:43 -07:00
Tom Eastep
f1fbb95d48 Update documentation for content merged from the 4.5.8 (master) path
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 08:16:36 -07:00
Tom Eastep
45288f5927 Revise notrack/conntrack handling:
- Purge empty notrack files.
- Process both files.
2012-08-13 07:28:07 -07:00
Tom Eastep
75b830b10e Merge branch 'master' into 4.5.7 2012-08-13 06:57:54 -07:00
Tom Eastep
4b2d48d621 Hardwire AUTOHELPERS until 4.5.8.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-13 06:48:19 -07:00
Tom Eastep
50362040d7 Enable automatic helper association during 'stop'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-12 08:46:06 -07:00
Tom Eastep
2f1d59366c Unconditionally disable kernel automatic helper association during start.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-12 08:43:28 -07:00
Tom Eastep
b372163122 Enable automatic helper association during 'stop'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-12 08:42:53 -07:00
Tom Eastep
50bd1d6398 Add AUTOHELPER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-12 07:25:11 -07:00
Tom Eastep
e6ef32ebc2 Make conditional directives case insensitive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-11 08:48:35 -07:00
Tom Eastep
a5824dc2d4 Optimize extension
- Eliminate short chains with a single reference.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-11 08:47:10 -07:00
Tom Eastep
b5af6f03fb Create better rules when a HELPER appears in an action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-11 07:48:03 -07:00
Tom Eastep
50dfffec94 Eliminate duplicate rules in raw-table chains when optimize level 16.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-10 07:09:01 -07:00
Tom Eastep
ad818c071a Generate omnibus tracking rules when NAT/ACCEPT with helper appears in an action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-10 06:55:18 -07:00
Tom Eastep
e84ee76c7d Add helpers to macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-09 10:32:34 -07:00
Tom Eastep
2ab50e65d7 Make conditional directives case insensitive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-09 10:30:02 -07:00
Tom Eastep
2690243e3c Add helpers in the macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-09 07:36:04 -07:00
Tom Eastep
4d3fbd1dfa Allow '?IF 0'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-08 07:24:17 -07:00
Tom Eastep
e8a4728981 Allow '?IF 0'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-08 07:23:43 -07:00
Tom Eastep
ee28638604 Add HELPERS to rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-08 07:23:20 -07:00
Tom Eastep
a8495626b0 Merge branch '4.5.6' into 4.5.7 2012-08-07 15:10:15 -07:00
Tom Eastep
c6186571e5 Handle raw table zones from VSERVERS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-07 15:09:40 -07:00
Tom Eastep
ccf517307e Handle raw table zones from VSERVERS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-07 14:51:58 -07:00