Commit Graph

502 Commits

Author SHA1 Message Date
teastep
3458f3e0f4 Fix generic firewall parsing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@713 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-14 02:08:51 +00:00
teastep
d55bcfca0b Rate Limiting in Rules - Part 7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@711 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 21:31:02 +00:00
teastep
8d9ec49a6b Rate Limiting in Rules - Part 4
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@708 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 18:51:18 +00:00
teastep
e454c7fe73 Rate Limiting in Rules - Part 3
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@707 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 18:48:28 +00:00
teastep
88dbd252af Rate Limiting in Rules - Part 1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@705 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 17:07:05 +00:00
teastep
552d738579 Allow bridge devices in /etc/shorewall/maclist
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@704 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 00:19:24 +00:00
teastep
a1c1785048 Allow degenerate rules; replace 'chain_exists' with 'havechain' in accounting code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@701 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-11 17:44:23 +00:00
teastep
ab073a41a4 Added CHAIN declarations
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@698 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-11 01:36:32 +00:00
teastep
24ed025834 Conditionally create accounting chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@697 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:22:19 +00:00
teastep
347ed2f629 Conditionally create accounting chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@696 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:19:36 +00:00
teastep
7cb2d841aa Conditionally create accounting chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@695 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:12:30 +00:00
teastep
ac8585b68a Complete accounting support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@694 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:01:21 +00:00
teastep
1144d736bf Correct bug in accounting file processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@693 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 15:06:23 +00:00
teastep
3c24144487 Add IP accounting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@692 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 01:11:50 +00:00
teastep
b235cd19e1 Add arp_filter interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@690 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-08 20:55:06 +00:00
teastep
4192870cb2 Add support for range lists in /etc/shorewall/masq
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@687 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-06 23:50:33 +00:00
teastep
c8b9cbfd35 Generic tunnels
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@686 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-06 00:06:44 +00:00
teastep
b2729de062 Fix adding addresses to P-T-P devices
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@683 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-05 15:05:45 +00:00
teastep
4c08cc4780 ADMINISABSENTMINDED Option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@681 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-29 23:04:04 +00:00
teastep
617c0d311e Remove braindead code; prevent 'stop' when 'start' is disabled
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@680 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-28 17:32:41 +00:00
teastep
f7ea7cdd41 Snapshot 1.4.6_20030726
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@678 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-26 16:44:38 +00:00
teastep
a63d259b40 Move call to determine_capabilities so that MANGLE_ENABLED is set before it is tested
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@674 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-22 14:25:36 +00:00
teastep
9188253bd4 {
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@670 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-21 22:02:34 +00:00
teastep
afd7840558 Suppress DHCP message when there are no DHCP rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@666 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-18 23:12:34 +00:00
teastep
c89d302114 Streamline module loading
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@663 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-16 03:22:45 +00:00
teastep
0c8365f7bb Support 2.6 compressed modules; add chain name to policy display in 'check' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@662 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-16 03:07:38 +00:00
teastep
defe814ca5 More rule processing fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@659 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 20:25:03 +00:00
teastep
8dce6e9522 More rule processing fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@658 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 20:16:24 +00:00
teastep
528c7b549a More rule processing fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@657 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 19:51:25 +00:00
teastep
31f6e580e4 More rule processing fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@656 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 19:43:32 +00:00
teastep
94ceb711b7 Fix exclude zone processing in DNAT and REDIRECT rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@655 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 16:44:35 +00:00
teastep
5b03f63961 Fix exclude zone processing in DNAT and REDIRECT rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@654 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 16:20:45 +00:00
teastep
cf62edd5ca Add local variable to find_hosts_by_option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@648 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 16:27:40 +00:00
teastep
ed899188f8 Allow address lists in /etc/shorewall/hosts entries
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@647 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 16:10:23 +00:00
teastep
c615aa868a Allow address lists in /etc/shorewall/hosts entries
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@646 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 15:31:26 +00:00
teastep
045318946f Reword error message to use terminaolgy from documentation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@640 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 20:49:23 +00:00
teastep
3c5dd9167f Remove duplicate pattern in case statement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@639 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 20:36:03 +00:00
teastep
a4183f21fe Add empty variable for 'call' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@638 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 19:52:34 +00:00
teastep
24d864d427 Fix my application of Simon Matter's Patch
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@637 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 18:17:40 +00:00
teastep
678e23918b Add undocumented 'call' commands to /sbin/shorewall and /usr/share/shorewall/firewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@635 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 17:55:43 +00:00
teastep
17a7a0492d Take care of some ipcalc anomalies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@634 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 17:41:28 +00:00
teastep
b1b3d09473 Move IP Address Manipulation Functions to /usr/share/shorewall/functions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@631 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 16:24:41 +00:00
teastep
9a6c36c146 Remove requirement for XOR
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@626 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-04 15:08:29 +00:00
teastep
807e808318 Clear original dest when it is 0.0.0.0/0
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@625 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-03 16:12:28 +00:00
teastep
5b9d1f7460 Cleanup of code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@624 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-02 23:12:14 +00:00
teastep
6a1c9df7c9 Fix DNAT[-] destination list handling; add shell validation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@623 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-01 20:29:01 +00:00
teastep
fc1cc9b0eb Fix capability report -- Simon Matter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@622 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-30 14:21:42 +00:00
teastep
06e38b587d SHOREWALL_SHELL parameter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@621 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-28 15:22:22 +00:00
teastep
52bc8bca5e Add MULTIPORT to the list of detected capabilities
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@620 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-28 01:09:12 +00:00
teastep
7a2cad4d07 Add Conntrack Match Capability
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@618 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-27 21:02:52 +00:00
teastep
f562fa4836 Correct ip_range handling of CIDR
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@617 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-26 14:29:24 +00:00
teastep
753cf160e4 Replace multiplication by bit shift in decodeaddr()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@616 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-25 19:20:23 +00:00
teastep
08c45deb2e Make new code work on lesser shells
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@613 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-23 23:04:50 +00:00
teastep
8683295810 More tweaking of address manipulation code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@611 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-23 17:51:33 +00:00
teastep
c3eab43a3b Fix addition of IP addresses
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@610 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-23 00:44:53 +00:00
teastep
0b075e78b6 Fix addition of IP addresses
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@609 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-23 00:42:28 +00:00
teastep
9aaef4d05a Add load-balancing support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@607 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-22 22:56:25 +00:00
teastep
b33ffddc7b Fix label creation for IP address ranges
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-22 21:22:57 +00:00
teastep
debf41d707 Allow IP ranges with ADD_SNAT_ALIASES=Yes; Fix add_ip_aliases to match proper subnet to add to
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@605 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-22 16:58:33 +00:00
teastep
d6262099c6 Add FIN to accepted flags for NEWNOTSYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@604 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-19 20:19:41 +00:00
teastep
ea38e5f72b Refine 'newnotsyn' option handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@602 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 19:55:16 +00:00
teastep
cc9fd2b4ef Refine 'newnotsyn' option handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@601 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 19:49:54 +00:00
teastep
88595aec4f Refine 'newnotsyn' option handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@600 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 19:40:35 +00:00
teastep
045263c704 Refine 'newnotsyn' option handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@599 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 19:24:16 +00:00
teastep
027e5fcd0f Implemented 'newnotsyn' interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@596 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 18:37:37 +00:00
teastep
170c3df6c4 Work around RH7.3 'service' anomaly
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@595 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-18 18:26:05 +00:00
teastep
4e26bb4ba4 Back out changes for reject processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@589 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-11 23:57:35 +00:00
teastep
3bb2d171ae Fix REJECT processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@588 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-11 19:46:50 +00:00
teastep
275a8ca33f Don't whine about LOG policy rule; Accept RELATED connections during [re]start
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@587 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-11 01:01:48 +00:00
teastep
1c2f75656d More cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@585 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-02 22:01:50 +00:00
teastep
70d8293d88 Re-add logging code that was mistakenly deleted
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@584 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-02 19:26:56 +00:00
teastep
2bdcada874 Fix routestopped; minor fix in rules processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@583 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-02 18:08:35 +00:00
teastep
184d7aac40 More cleanup of rules processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@581 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-01 18:14:57 +00:00
teastep
18cfd011c3 A small cleanup of the rules parsing code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@580 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-01 16:51:34 +00:00
teastep
89bb721da4 More ORIGINAL DEST fixes; restore last 'Hits' report
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@579 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-01 03:14:20 +00:00
teastep
e3bafeecaa Make excludehosts work for OUTPUT; correct destination in DNAT rule
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@578 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-31 16:34:17 +00:00
teastep
d9268be1c4 List on original dest; debugging try
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@577 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-31 15:29:14 +00:00
teastep
df6a59cf68 Shorewall-1.4.4b
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@575 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-29 14:43:47 +00:00
teastep
e70a63f267 Shorewall-1.4.4a
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@573 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-28 19:20:23 +00:00
teastep
59660f2576 Restore 5-character zone name capability
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@572 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-27 17:49:13 +00:00
teastep
66337f3cda Restore 5-character zone name capability
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@570 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-27 17:42:12 +00:00
teastep
09392c88d3 Move DNAT and REDIRECT logging to the nat table
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@567 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-22 20:37:24 +00:00
teastep
e33573eff9 Change LOGMARKER/LOGFORMAT Implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@566 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-21 21:36:05 +00:00
teastep
c15c93c7d1 Implement REDIRECT-
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@564 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-20 23:27:11 +00:00
teastep
019fc32d26 Enable loopback interface earlier in startup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@550 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-05-16 15:19:57 +00:00
teastep
bbcbbca6b8 Implement LOGMARKER variable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@546 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-25 16:22:18 +00:00
teastep
554970dcc4 Correct Syntax Error
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@544 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-21 23:04:52 +00:00
teastep
f404c75b2f Add 6to4 tunnel support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@543 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-21 15:12:59 +00:00
teastep
99cb231761 Remove temporary directory at completion of 'add' and 'delete' commands
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@541 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-18 03:09:51 +00:00
teastep
8b5cadbdff Add a catchall rule for old REJECT handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@539 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-16 16:54:46 +00:00
teastep
a7cd930b96 Add comments to REJECT improvement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@538 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-14 01:01:01 +00:00
teastep
d44564fab8 Improve REJECT processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@537 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-14 00:47:47 +00:00
teastep
850f18bea6 Make a more conservative patch to fix the 'traceroute -I' problem
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@531 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-01 14:58:47 +00:00
teastep
e16e47893d Add 'routeback' option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@530 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-04-01 02:00:37 +00:00
teastep
02a42e2fb0 INCLUDE directive; make 'traceroute -I' work again
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@528 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-29 14:37:50 +00:00
teastep
b49e944321 Remove trailing white space
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@526 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:56:31 +00:00
teastep
777202cb11 Remove superfluous -s specification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@525 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:55:16 +00:00
teastep
b5d3078fa6 Add intermediate input chain for complex zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@524 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:02:29 +00:00
teastep
886ad1e547 Add intermediate input chain for complex zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@523 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-24 21:01:53 +00:00
teastep
1a36e13f8c Fix 'check' command shell message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@522 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-23 23:53:10 +00:00
teastep
04d78dc49f Re-allow Z->Z rules/policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@517 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:49:40 +00:00
teastep
526f0f9eb8 Re-allow Z->Z rules/policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@516 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:47:19 +00:00
teastep
cb5d9460b8 Cleanup new policy code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@514 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:25:17 +00:00
teastep
e6d9dda852 Cleanup new policy code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@513 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 19:23:03 +00:00
teastep
5be79ecde7 NONE Policy; Allow Intrazone connections; no bounce rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@510 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-21 04:14:20 +00:00
teastep
8556250875 Only check 'ipchains' module on start
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@498 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-11 15:45:29 +00:00
teastep
8918a72c13 Ignore default route when detecting masq networks; refuse to start with ipchains module loaded
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@497 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-11 14:55:01 +00:00
teastep
0d7c31371a Restore the 'check' command to the comments in the 'firewall' script
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@496 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-10 00:47:12 +00:00
teastep
7fab125525 Drop INVALID state packets; rate limit NEWNOTSYN logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@495 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-10 00:41:39 +00:00
teastep
e2748d3245 More SHARED_DIR changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@489 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-08 18:01:32 +00:00
teastep
6a478754ac Remove SHARED_DIR from shorewall.conf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@488 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-08 17:55:34 +00:00
teastep
4a173940b2 Add log limiting to 'logdrop' chain and optimize code that deletes temporary rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@486 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-08 15:48:07 +00:00
teastep
c67ef5582c Remove two superfluous calls to determine_zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@484 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-07 00:30:39 +00:00
teastep
09fc5e317a Process params file before shorewall.conf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@482 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-03-06 23:21:25 +00:00
teastep
4c2b1406de Remove unused function
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@478 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-28 15:33:40 +00:00
teastep
2894700fcf Re-add 'check' -- delete trailing white space
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@475 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-27 22:28:06 +00:00
teastep
a9d201f4f6 Print the name of the ECN file during processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-25 23:35:22 +00:00
teastep
5f0d26d1b9 Remove 'check' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@470 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-25 16:21:41 +00:00
teastep
99bcc9cc39 Alloc null second column in ecn file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@469 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-24 15:35:50 +00:00
teastep
08ec9ac4e0 Validate interface names in ecn file; confirm additions to ECN control chain; update to Beta2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@468 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-24 15:24:55 +00:00
teastep
5a778540da Tweak the comma-separated list parsing fix
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@466 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-23 14:22:14 +00:00
teastep
21cb22303f 1) Remove trailing white space.
2) Improve detection of white space in comma-separated lists.
3) Fix a typo in the INSTALL file.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@464 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-23 14:10:37 +00:00
teastep
9b98ecbff5 final 1.4.0 Beta1 Changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@461 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-21 22:55:36 +00:00
teastep
fe9b56090c Remove call to undefined function 'validate_bounce_file'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@458 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-21 17:00:10 +00:00
teastep
6cabdfae5d More 1.3.14 Changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@456 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-19 23:52:03 +00:00
teastep
5fe2bef29e Remove icmp.def; change versions to 1.4
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-15 00:09:44 +00:00
teastep
b5c7f91e5a Run user init script before stripping files; improve comment in hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@445 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-13 14:59:34 +00:00
teastep
92fc84ac14 Outbound ICMP no longer unconditionally accepted
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@444 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-11 01:34:52 +00:00
teastep
ef51c04d1d Shorewall 2.0.0 Alpha1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@443 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-08 20:58:44 +00:00
teastep
f9918b0da8 Correct rule number calculation in 'shorewall add' code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@436 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-08 20:44:00 +00:00
teastep
5b9a57d49e Changes for 1.3.14 RC1
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-02-04 16:59:49 +00:00
teastep
5aeecee8ab Add openvpn tunnel support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@426 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-31 19:10:22 +00:00
teastep
4cf3600e5c Update copyrights
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@425 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-31 18:04:57 +00:00
teastep
45879f20f3 Beta 2 update
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@423 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-29 02:56:39 +00:00
teastep
fd37bd4c59 Fix VLAN Broadcast detection
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@422 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-28 14:44:40 +00:00
teastep
bf4ccb8d7a Restore support for VLAN devices
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@420 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-27 02:54:43 +00:00
teastep
cd1417ec17 Clean up release notes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-26 01:00:22 +00:00
teastep
4964497aa3 Allow labels for aliases added under ADD_SNAT_ALIASES; improve masquerade algorithm
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@417 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 23:43:22 +00:00
teastep
5b101f3a81 Use the routing table rather than the ip configuration to determine masquerading
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@416 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 22:59:49 +00:00
teastep
94c5455c9e Masquerade from all primary subnets when an interface name is in the second column of masq file entry
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@415 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 22:47:22 +00:00
teastep
43cc73ef47 Allow creation of an alias label when ADD_IP_ALIASE=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@414 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-24 19:42:23 +00:00
teastep
0bd0a3672e Allow specification of marking chain in TC rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-23 23:18:40 +00:00
teastep
a0cb5de22c Make FORWARDPING=Yes verboten under OLD_PING_HANDLING=No; make 'list' a synonym for 'show' in /sbin/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@410 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-23 01:13:36 +00:00
teastep
7fe133fe4a Add OLD_PING_HANDLING option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@406 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-21 00:34:00 +00:00
teastep
3b29150cb2 Fix bug in 'shorewall add' re 'find_interfaces_by_maclist'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@405 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-20 23:06:55 +00:00
teastep
bdcf22b4f8 Add NAT support with remote IPSEC zone; add UDP 4500 to ipsecnat support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@398 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-07 16:26:41 +00:00
teastep
feb0752113 Allow shared files to be moved easily
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@397 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-06 23:01:23 +00:00
teastep
a28dac71ec Update release notes comment -- allow '-' in ORIGINAL DEST column for consistency
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@395 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-06 14:12:59 +00:00
teastep
305c43fea2 Fix RFC1918_LOG_LEVEL
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@394 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-01-03 17:48:11 +00:00
teastep
b1fb6bd72c Add CLEAR_TC option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@392 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 16:04:31 +00:00
teastep
9ebd6ceaae Exit status 255 from tcclear indicates that Shorewall should not clear tc
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@391 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 03:50:05 +00:00
teastep
144c9ab576 Add DNAT- action; 'shorewall check' prints policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@390 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-31 01:10:28 +00:00
teastep
6ec62fd189 Fix bug in blacklist logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@381 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-22 05:26:20 +00:00
teastep
ba05611498 Fix bad bug in find_hosts_by_option()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@376 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-20 21:10:53 +00:00
teastep
43b6a8acc8 Change comment on SPT=0 trap
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@375 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-20 01:13:41 +00:00
teastep
ad6a24aa3f a) fix a silly bug and b) avoid calling separate_list on an already separated list
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@373 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-19 21:30:58 +00:00
teastep
97c6eae79e Release 1.3.12-Beta1 Changes; bug fix from Tuomo Soini
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-19 20:14:10 +00:00
teastep
c9a1bff975 More Cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@371 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 23:56:34 +00:00
teastep
efb857df9d Fix a couple of bugs in recent changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@370 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 21:58:21 +00:00
teastep
852217c510 Break 'run_iptables' into two functions - only run_iptables2 checks for \!
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@369 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-18 21:26:03 +00:00
teastep
fa843d4139 Allow marking packets in the FORWARD chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@368 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-16 19:25:20 +00:00
teastep
ede456adf6 Restore fw->fw redirection; Check for SPT=0 in SYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@367 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-14 15:44:26 +00:00
teastep
b9891e08e2 Add ULOG Support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@362 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-13 03:23:46 +00:00
teastep
faa859e84a Added error message for MAC address in rule destination
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@361 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-10 22:48:04 +00:00
teastep
39da3ef60f Remove redundent function - add some comments
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-10 16:03:26 +00:00
teastep
1fa9316550 Yet another speed improvement
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@357 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-09 02:42:28 +00:00
teastep
46e306eba9 Correct wording of an error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-07 23:33:26 +00:00
teastep
14b0682723 More [re]start speedups
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@355 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-07 03:21:32 +00:00
teastep
2528043867 Speed up 'separate_list'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@354 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-06 00:31:49 +00:00
teastep
992cc301a7 Generate error if 'lo' is defined in the interfaces file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@353 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-05 17:29:56 +00:00
teastep
7a1aa39f95 Speed up running of iptables
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@351 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-05 00:18:47 +00:00
teastep
14a20ece71 a) Rewrote 'list_count' to not require 'wc'
b) Turn off trace after error
c) Allow output ICMP unconditionally again


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@350 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-04 23:53:03 +00:00
teastep
0f33d5af0d Refresh also refreshes traffic control/shaping
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@349 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-04 21:17:14 +00:00
teastep
94cc75b63a Fix bug in NAT exclusion -- Roger Aich
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@344 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-27 19:16:06 +00:00
teastep
9a8d39bdd5 Add reverse GRE rules for PPTP server and clients
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@337 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-24 18:40:51 +00:00
teastep
dc0c17f075 Minor firewall cleanup
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@334 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-13 00:57:48 +00:00
teastep
871eeffa2c Revise 'all' in rules to never apply to intra-zone traffic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@333 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 19:47:34 +00:00
teastep
9483f891fc Allow 'all' in rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@332 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 19:21:47 +00:00
teastep
0ad28aae80 Correct fw->fw rule catcher
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@331 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 18:24:38 +00:00
teastep
a511b9b485 Check for fw->fw rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@330 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 17:38:40 +00:00
teastep
18a6aff46a Add some comments in the policy chain creation/population logic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@327 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-11 03:41:42 +00:00
teastep
b8f806e625 Accomodate bash clones like dash and ash
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@325 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-10 23:15:53 +00:00
teastep
8c3af56566 Add TCP Flags Checking
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@324 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-10 21:34:20 +00:00
teastep
c44cb44f7c Verify interface names in the SOURCE column of /etc/shorewall/tcrules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@318 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-09 15:56:29 +00:00
teastep
507fa8069d Cosmetic cleanup in firewall script
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@317 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-11-03 15:42:23 +00:00
teastep
5ff9d1a888 Clear nat and mangle counters during 'shorewall reset'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@316 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-30 15:56:46 +00:00
teastep
eef8a3dc72 Improve comments in interfaces file re: use of aliases
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@314 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-29 01:36:06 +00:00
teastep
01a78306cf Update release and changelog files
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@312 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-24 00:47:43 +00:00
teastep
0eda4bab27 Conserve space by removing comment decorations
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@311 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-23 16:48:40 +00:00
teastep
a997c16a42 Clean up MAC Verification Code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@310 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-23 15:58:53 +00:00
teastep
d26c6a5e92 Extend 'maclist' to the hosts file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@309 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-23 01:22:48 +00:00
teastep
347fc0da18 Adjust insertion points for dynamic zone rules based on MAC verification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@308 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-22 18:33:37 +00:00
teastep
cd555022bf Add MAC verification
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@306 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-22 18:07:52 +00:00
teastep
9f691d20e4 Allow SNAT using primary IP and ADD_SNAT_ALIASES=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@305 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-22 00:13:24 +00:00
teastep
42d7503984 Give better error message when getting the IP of a down interface
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@303 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-21 18:13:28 +00:00
teastep
23f6bb2371 Move the main firewall script to /usr/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@297 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-15 15:00:11 +00:00
teastep
c1d99fe769 Add support for PPTP client and server on the Firewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@295 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-14 22:26:28 +00:00
teastep
912681428b Tone down ipsecnat rules a bit
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@294 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-11 17:19:06 +00:00
teastep
2c41dc5154 Add IPSECNAT tunnel type; correct typo in spec file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@293 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-10 13:29:06 +00:00
teastep
9c0ad6d495 Fix typo in firewall script (recalculate_interfacess)
Add PATH assignment to the install script
Correct 'functions' file handling in the install script


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@288 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-09 15:05:53 +00:00
teastep
38e5f236dc Remove iptables 1.2.7 hacks
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@286 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-05 16:36:53 +00:00
teastep
46328322db Add some comments to the Dynamic Zone code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@282 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-02 01:24:57 +00:00
teastep
93db8120f9 Some optimizations to the Dynamic Zone code
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@281 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:58:48 +00:00
teastep
e55951ba31 Fix typo
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@280 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:49:17 +00:00
teastep
09285f8c06 Fix rule insertion algorithms for Dynamic Zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@279 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:43:03 +00:00
teastep
8ff1919657 Correct typo in error message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@278 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 23:01:34 +00:00
teastep
73ae96bb64 More fixes for Dynamic Zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@277 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 22:27:19 +00:00
teastep
1a0534f5c0 Corrections to Dynamic Zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@276 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 21:46:48 +00:00
teastep
129cedbe8f First implementation of dynamic zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@275 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-10-01 20:54:42 +00:00
teastep
e7c44ec80e Fix dumb bug in 1.3.9 Tunnel Handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@270 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-30 17:48:20 +00:00
teastep
85dfee1475 Remove after error exits
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@263 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-29 21:28:44 +00:00
teastep
c665fec5ef Cleanup of 1.3.9 for Bering
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@261 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-29 21:08:25 +00:00
teastep
86d7723602 Fix problems with oddball shells; updated documentation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@260 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-28 00:31:15 +00:00
teastep
f536d805b0 Move fireall, function and version to /usr/lib/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@259 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-27 21:10:21 +00:00
teastep
de84a5a43e Don't insist on NEW state for odd protocols -- part 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@257 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-26 20:35:25 +00:00
teastep
ccf0e4d598 Don't insist on NEW state for odd protocols
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@256 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-26 20:28:49 +00:00
teastep
f2b2e84808 Add DNS Name support; remove startup_disabled on uninstall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@255 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-24 23:13:36 +00:00
teastep
7ff49f05b6 Prevent pre-configuration startup; change version to 1.3.9
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@250 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-19 20:40:10 +00:00
teastep
7f249597b6 Fix typo in policy file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@248 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-19 18:36:09 +00:00
teastep
167cf45cea Allow both interface and address on source in rules file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@247 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-18 23:38:09 +00:00
teastep
87890954b7 Allow RST and ACK packets under NEWNOTSYN=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@238 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-16 16:08:15 +00:00
teastep
53f8743591 Add ICMP and MULTIPORT support to the black list
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@237 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-14 23:40:46 +00:00
teastep
80498aa034 Assume 'multi' if canonical chain exists; add PROTOCOL and PORT columns to the blacklist file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@236 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-14 22:00:52 +00:00
teastep
08eed6d0b4 Second try at DNAT fw ... fix
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@229 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-02 17:39:46 +00:00
teastep
b3e56a87ea Correct DNAT with 'fw' source; verify interface in masq file entries
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@227 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-09-01 17:34:59 +00:00
teastep
ff412cba4d Fix for 'shorewall refresh' bug
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@225 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-27 02:15:48 +00:00
teastep
def9caa806 Replace tab with space in black list message
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@219 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-26 20:36:19 +00:00
teastep
429b8e7d38 Check for DHCP before RFC 1918
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@217 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-24 15:09:34 +00:00
teastep
8f4ff3306e NEWNOTSYN option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@216 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-23 18:51:55 +00:00
teastep
2ef1dbf0af Correct rule processing bug in 1.3.7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@212 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-23 01:55:51 +00:00
teastep
d766536d1c Correction to iptables 1.2.7 workaround
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@205 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-22 13:34:43 +00:00
teastep
bcea92a607 Work around iptables 1.2.7 bugs
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@204 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-19 17:33:22 +00:00
teastep
7af8a1dbb6 Correct ADD_SNAT_ALIASES problem (again)
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@203 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-19 14:40:42 +00:00
teastep
646a947b8c Correct ADD_SNAT_ALIASES problem
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@202 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-19 13:56:28 +00:00
teastep
652cadb22c Add loopback class A to rfc1918 file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@201 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-17 22:15:41 +00:00
teastep
6ae0ea8981 Make multiport work with iptables 1.2.7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@197 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-14 16:01:32 +00:00
teastep
3c8515aa6b Remove ICMP.DEF and replace with FORWARDPING option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@189 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-12 17:33:05 +00:00
teastep
0e9e5a4241 Remove extra '-p tcp'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@178 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-06 19:45:49 +00:00
teastep
ed2036ece9 Make 'new not SYN' user-customizable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@177 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-06 19:06:32 +00:00
teastep
27952f3d4b Final 'New not SYN' implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@176 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-06 18:45:13 +00:00
teastep
3428f59895 New technique for dealing with NEW not SYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@175 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-05 23:34:46 +00:00
teastep
7b00737a94 Initialize LOGNEWNOTSYN
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@174 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-05 14:43:39 +00:00
teastep
3ae4938cec Update versions to 1.3.6\; Add NEWNOTSYN parameter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@173 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-05 14:40:06 +00:00
teastep
5940dd8815 Fix proxyarp attribute
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@171 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-08-04 22:54:49 +00:00
teastep
51c7e767ff Remove lock file when firewall script dies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@165 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-29 23:53:26 +00:00
teastep
63bc520aa9 Allow host-list in /etc/shorewall/hosts again
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@164 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-29 14:31:50 +00:00
teastep
576ee2beee Correct bugs in 1.3.5
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@161 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-27 18:47:09 +00:00
teastep
c2b143cba0 Added 'proxyarp' interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@156 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-25 15:05:21 +00:00
teastep
b898747dc3 Add MUTEX_TIMEOUT variable
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@150 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-24 03:47:34 +00:00
teastep
621e8df85b Issue message when adding an IP address
Don't die on lockfile timeout


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-07-23 23:09:14 +00:00