Tom Eastep
f999acda63
Eliminate shortlineinfo1()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-27 10:21:08 -08:00
Tom Eastep
b4723da07c
Eliminate $globals{TRACK_GLOBALS}
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-26 16:45:47 -08:00
Tom Eastep
3860a1dc72
Ensure that %origin is populated
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-26 16:31:04 -08:00
Tom Eastep
e756820ca1
Revert "Unify TRACK_RULES settings implementation"
...
This reverts commit 866cb04cbb
.
2016-01-26 11:49:26 -08:00
Tom Eastep
866cb04cbb
Unify TRACK_RULES settings implementation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-25 18:07:46 -08:00
Tom Eastep
6ef136a546
Add origin information for entries in shorewall[6].conf
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-25 15:49:18 -08:00
Tom Eastep
9b3b4579a2
Change TRACK_RULES setting from Internal to File
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-24 16:15:36 -08:00
Tom Eastep
3e404b765f
Make .ip[6]tables-restore-input comments conditional
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-23 17:04:52 -08:00
Tom Eastep
2235641c9f
Add origin to the ip[6]tables input.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-23 15:13:12 -08:00
Tom Eastep
3fe4619f66
Fix origin in interfaces and hosts
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-23 13:49:52 -08:00
Tom Eastep
247698a14d
Add origin in some rules from the Misc module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-23 12:31:53 -08:00
Tom Eastep
73b20c832c
Add 'origin' member to rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-23 10:45:26 -08:00
Tom Eastep
8ac754caed
Add 'origin' member to the interface and hosts tables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-21 17:08:19 -08:00
Matt Darfeuille
c85ced09af
Corrected sysconfig files
...
Removed unnecessary lines in sysconfig files
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-19 09:25:37 -08:00
Tom Eastep
1abb77d66d
Remove restrictions on -m geoip
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-18 22:30:15 -08:00
Tom Eastep
a28f3012d5
Correct $VERSION setting in Raw.pm
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-18 09:38:35 -08:00
Tom Eastep
7d443b5e2e
Eliminate return value from process_action()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-18 09:08:35 -08:00
Tom Eastep
a945b3e0dd
Tweak the process_action() changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-17 17:03:46 -08:00
Tom Eastep
ec6c233666
Centralize Rules module handling of @CALLER in actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-17 16:29:35 -08:00
Tom Eastep
4059e9de95
Clean up use_policy_action()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-17 12:35:12 -08:00
Tom Eastep
1ee645cd79
Another determinism fix -- red and codel options are now sorted
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-17 09:50:34 -08:00
Tom Eastep
1fedb26f1d
Handle @CALLER in policy chains
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-17 09:42:01 -08:00
Tom Eastep
031371f259
Improve maintainability of action-tuple code
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-16 17:26:16 -08:00
Tom Eastep
742c15b289
Improve @CALLER fix to create unique chains per caller
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-16 17:12:03 -08:00
Tom Eastep
f95c67ec6b
Restore unmodified .pm files after installation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-15 13:55:46 -08:00
matt darfeuille
f1ed963077
Shorewall 5.0.4 Beta 2
...
Hi Tom,
Some unnecessary lines need to be removed from the sysconfig files.
I made some more changes to the init.openwrt.sh scripts(lite and
lite6)
Attached as sysconfig-lite.patch!
In order to be able to use the build50 script I had to make a few
changes(attached as build50.patch):
- Adding a variable BASEDIR (to build shorewall in a subdirectory)
BASEDIR=$PWD
and doing:
$BASEDIR/annotate.pl
and so on ...
- Adding a variable
CYGWINSTYLESHEET
and modifying the script to use this new variable(added cygwin clause
in case statement)
- Adding a variable GITRELEASEDIR and modifying the lines around
624(to specify an other name for the release repo)
from
../release/
to
../$GITRELEASEDIR/
- Added line to remove unnecessary *.bak files
- Added an if statement if a subdirectory is used when patches are
created
question/request:
Would it be possible to use the build50 script without the '-t'
option?
That way only the packages would be built but the tarballs wouldn't
be created.
-Matt
On 12 Jan 2016 at 7:57, Tom Eastep wrote:
> Shorewall 5.0.4 Beta 2 is now available for download.
>
> New Feature since Beta 1:
>
> 1) The mangle file now supports an DIVERTHA action that provides
> support for HAProxy.
>
> To setup the HAProxy transparent configuration described at
>
> http://www.loadbalancer.org/blog/setting-up-haproxy-with-transparent-mode-on-centos-6-x ,
> place this entry in shorewall-providers(5):
>
>
> #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS
> TProxy 1 - - lo - tproxy
>
> and use this DIVERTHA entry:
>
> #ACTION SOURCE DEST PROTO ...
> DIVERTHA - - tcp
>
> Thank you for testing,
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
-------------- Enclosure number 1 ----------------
>From ca4c854433e1c4c5870ea3e71225e5df8da4e255 Mon Sep 17 00:00:00 2001
From: Matt Darfeuille <matdarf@gmail.com>
Date: Wed, 13 Jan 2016 21:28:47 +0100
Subject: [PATCH 1/2] Modified lite and lite6.init.openwrt.sh
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-14 16:36:21 -08:00
Tom Eastep
726d1492cd
Correct error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-13 17:08:57 -08:00
Tom Eastep
12513e24a3
Revert "Implement dynamic actions"
...
This reverts commit 8075ba719a
.
2016-01-13 11:04:41 -08:00
Tom Eastep
21765d618d
Create unique chains when @caller is used
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-13 11:04:23 -08:00
Tom Eastep
de21c59885
Correct hashlimit in logging rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-13 09:49:22 -08:00
Tom Eastep
8075ba719a
Implement dynamic actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-13 09:33:38 -08:00
Tom Eastep
3828eb856b
Rename HADIVERT to DIVERTHA
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-08 15:36:10 -08:00
Tom Eastep
e29e2d117d
Documentation updates
...
- update LSM section of the Multi-ISP article
- Correct formatting of HAPROXY examples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-08 08:33:42 -08:00
Tom Eastep
ad2f20b824
Finish HAProxy support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-06 09:12:33 -08:00
Tom Eastep
4c33c2b957
Add support for HAProxy
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-06 08:27:50 -08:00
Tom Eastep
ee6a1dadbb
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2016-01-05 10:48:48 -08:00
Tom Eastep
2f59ea5ca3
Implement the WAIT_OPTION capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-05 09:28:24 -08:00
Tuomo Soini
c447ddd03e
systemd service: rename pre214 systemd versions to pre214 and remove separeate 214 variants
2016-01-05 12:01:21 +02:00
Tom Eastep
0c66e5f1b2
More Openwrt support in Shorewall-init from Matt Darfeuille
...
- Also, various cleanup in install/uninstall scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-04 15:45:21 -08:00
Tom Eastep
e695e08009
A couple of corrections to the IP[6]TABLE transparency change
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-04 14:13:58 -08:00
Tom Eastep
c91b78a875
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2016-01-04 13:10:48 -08:00
Tom Eastep
70a9240de6
Make IP[6]TABLES transparent
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-04 13:10:03 -08:00
Tom Eastep
06dd5dc38f
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2016-01-02 12:37:43 -08:00
Tom Eastep
fad41e262a
Support the DROP command in the mangle file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-02 12:36:38 -08:00
Tom Eastep
89d91d37a1
Add Shorewall-init installer support for OpenWRT
...
- Supply sysconfig files for all products
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-27 16:47:31 -08:00
Tom Eastep
c9f57ad9c9
Update manpages for ADD timeout
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-24 09:20:42 -08:00
Tom Eastep
694dc64900
Allow comma in disposition when LOGTAGONLY=Yes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-23 09:06:43 -08:00
Tom Eastep
54b6488113
Allow a timeout to be specified in ADD rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-23 08:24:00 -08:00
Tom Eastep
532d5c7e50
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2015-12-08 08:06:39 -08:00
Tom Eastep
8429f68897
Handle MAC addresses in IPv6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-07 15:15:28 -08:00
Tom Eastep
3ddc2a8f8b
Add parentheses for readability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-07 08:02:35 -08:00
Tom Eastep
1d79cbc54e
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
...
# Conflicts:
# Shorewall-init/install.sh
2015-12-06 11:55:03 -08:00
Tom Eastep
4b893b2fd6
Install/uninstall fixes from Matt Darfeuille
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall-init/install.sh
2015-12-05 11:56:16 -08:00
Tom Eastep
8e7f001f7e
Update manpages for column renaming
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-04 14:53:26 -08:00
Tom Eastep
98b4ab5ceb
Add missing columns in the masq file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-03 19:51:21 -08:00
Tom Eastep
592de3e6fc
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-12-03 15:35:35 -08:00
Tom Eastep
2c1786422e
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-11-28 09:04:46 -08:00
Tom Eastep
b087cee7f0
Redefine MODULESDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-28 08:36:12 -08:00
Tuomo Soini
948175124b
accounting: there must be more room for ACTION, SOURCE, and DEST
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-27 22:33:03 +02:00
Tom Eastep
178a7f83bc
Install/uninstall fixes from Matt Darfeuille
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-21 12:53:24 -08:00
Tuomo Soini
b25a8e4b2d
shorewall: use real field names in config file headers
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-16 18:16:17 +02:00
Tom Eastep
7b54e5e1a6
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-11-10 07:50:33 -08:00
Tuomo Soini
9460458fd5
Shorewall: reduce number of lines on config headers
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 23:04:00 +02:00
Tom Eastep
7fb00e0dfe
Remove the routestopped files and their manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-09 07:28:46 -08:00
Tuomo Soini
e989fa1d49
configfiles/routestopped: add install path
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 10:27:07 +02:00
Tuomo Soini
f095e6f31d
configfiles: unified configuration file formatting
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 10:24:20 +02:00
Tom Eastep
e75c88219f
Start optional interfaces when there are no providers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-05 18:07:31 -08:00
Tuomo Soini
85df53841b
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-11-02 00:02:56 +02:00
Tom Eastep
1c29240eb9
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-11-01 11:31:53 -08:00
Tom Eastep
2b733b610c
Return proper exit status from the remote-* commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-01 07:53:31 -08:00
Tom Eastep
aa680d8472
Avoid double slashes in pathnames within the installers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 12:57:33 -07:00
Tom Eastep
460f4bc5b7
Correct defect in processing the 'persistent' route option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 08:15:10 -07:00
Tom Eastep
f90567abf1
Add support for OpenWRT BB and later
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-31 08:08:17 -07:00
Tuomo Soini
0c481b4c30
shorewall: use consitent headers on config files
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-31 08:18:50 +02:00
Tom Eastep
6209616766
Add lib.cli-user support to the full products
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-30 08:47:16 -07:00
Tom Eastep
5a3589b9a6
Add some comments in get_params()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-30 08:18:45 -07:00
Tom Eastep
3973cdf0da
Merge branch '5.0.1'
2015-10-28 14:35:27 -07:00
Tom Eastep
e39d405e86
More tweaks to params processing and exporting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-28 14:33:55 -07:00
Tom Eastep
239560be8d
Add Cygwin-specific code in get_params()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-28 13:47:40 -07:00
Tom Eastep
3873ebe06a
More param handling fixes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-28 09:37:52 -07:00
Tuomo Soini
e987a11614
Shorewall/configfiles/stoppedrules: use standard description
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-28 10:48:27 +02:00
Tom Eastep
081cf30447
Don't export variables with parentheses in their names
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-27 17:45:22 -07:00
Tuomo Soini
d614081d55
Shorewall/configfiles: remove empty lines and fix blrules header to common format
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-27 22:03:28 +02:00
Tom Eastep
35b90c2709
Update documentation for 'remote-' vs. 'remote_'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-27 08:16:06 -07:00
Tom Eastep
79a145bf83
Correct "remote-" commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-27 07:18:54 -07:00
Tom Eastep
6535bb94c5
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2015-10-27 07:18:06 -07:00
Tom Eastep
38049fd0df
Correct "remote-" commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-26 20:06:10 -07:00
Tom Eastep
c2768a2d64
Correct error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-26 13:08:09 -07:00
Tom Eastep
4f4358d4db
Correct error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-26 13:07:40 -07:00
Tom Eastep
f822afef99
Issue warning if a persistent provider isn't optional
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-26 13:07:28 -07:00
Tom Eastep
514fe76fa5
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-10-26 07:55:30 -07:00
Tom Eastep
56bf8b1572
Don't configure persistence if the interface has no address
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-26 07:42:47 -07:00
Tuomo Soini
2a064c7b7c
macro.MSSQL: allow udp/1434
...
Reference: https://technet.microsoft.com/en-us/library/ms181087%28v=sql.105%29.aspx
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-26 10:22:37 +02:00
Tuomo Soini
30682e63d8
Shorewall/Macros: remove version number
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-26 10:20:11 +02:00
Tom Eastep
69dd7ce0b9
Add 'persistent' provider option - Phase II
...
- Also allow the creation of 'persistent' routing rules and routes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-25 16:45:11 -07:00
Tom Eastep
46c3db4f32
Add 'persistent' provider option - Phase I
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-22 06:58:32 -07:00
Tom Eastep
6e59fd5395
Correct permissions on certain files in $CONFDIR/$PRODUCT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-22 06:58:05 -07:00
Tom Eastep
8dc16268a7
Delete main default routes when there are 'load=' or 'fallback=' interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-13 09:34:58 -07:00
Tom Eastep
a8e4671668
Remove version from config files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 15:02:50 -07:00
Tom Eastep
7388ff5154
Fix RESTART
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 14:08:24 -07:00
Tom Eastep
0dbe756e93
Manpage and Shorewall-5 changes for RESTART
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 13:49:24 -07:00
Tom Eastep
72d4637c22
Replace LEGACY_RESTART with RESTART
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 11:45:58 -07:00
Tom Eastep
bb538a7c10
Merge branch 'master' into 5.0.0
...
Conflicts:
Shorewall-core/lib.common
Shorewall-core/shorewallrc.debian.systemd
Shorewall-lite/shorewall-lite.service.debian
Shorewall/Perl/Shorewall/Chains.pm
Shorewall/Perl/Shorewall/Compiler.pm
Shorewall/Perl/Shorewall/Config.pm
Shorewall/Perl/Shorewall/Misc.pm
Shorewall/Perl/Shorewall/Raw.pm
Shorewall/Perl/Shorewall/Tc.pm
Shorewall/Perl/compiler.pl
Shorewall/Perl/prog.footer
Shorewall/lib.cli-std
Shorewall/manpages/shorewall-mangle.xml
Shorewall/manpages/shorewall.conf.xml
Shorewall/manpages/shorewall.xml
Shorewall/shorewall.service.debian
Shorewall6-lite/shorewall6-lite.service.debian
Shorewall6/manpages/shorewall6-mangle.xml
Shorewall6/manpages/shorewall6.conf.xml
Shorewall6/manpages/shorewall6.xml
Shorewall6/shorewall6.service.debian
docs/MultiISP.xml
docs/Shorewall_Squid_Usage.xml
2015-10-12 10:55:36 -07:00
Tom Eastep
1db3bfb53e
Manpage updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-10 13:19:41 -07:00
Tom Eastep
97e821d12d
Use %e rather than %_d for busybox compatibility
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-08 13:16:32 -07:00
Tom Eastep
af18896851
Remove options from 'update' warning messages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-05 08:19:09 -07:00
Tom Eastep
7dd9beeeae
Remove FORMAT specifications from macros and actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-22 12:39:22 -07:00
Tom Eastep
dfeeb2d5c3
Add GlusterFS action
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-19 12:31:54 -07:00
Tom Eastep
85e44c70eb
Add the Meta-connection to Tinc
...
- Both the macro and the tunnel type are updated
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-17 09:17:35 -07:00
Tom Eastep
888444f210
Add the Meta-connection to Tinc
...
- Both the macro and the tunnel type are updated
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-17 09:16:33 -07:00
Tom Eastep
1b2a43e5ea
Merge branch '5.0.0' of ssh://git.code.sf.net/p/shorewall/code into 5.0.0
2015-09-12 12:31:45 -07:00
Tom Eastep
03d99de8d5
Correct handling of reset
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-11 15:02:32 -07:00
Tom Eastep
1b571f3d86
Correct the reset command
...
- Also allow chain names to be specified a la the refresh command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-11 14:16:16 -07:00
Tuomo Soini
53dfe442c1
systemd: add reload to unit files
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-09-10 14:15:16 +03:00
Tom Eastep
7be4190e4c
Man page updates for the PROBABILITY column in the masq files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-08 18:00:53 -07:00
Tom Eastep
ddb325a662
Code changes for a PROBABILITY column in the masq file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-08 17:20:46 -07:00
Tom Eastep
e8ebfb5a11
Correct PSH,FIN check
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-07 15:46:14 -07:00
Tom Eastep
242080c59c
Rename SMALL_MASK to SMALL_MAX
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-07 13:10:44 -07:00
Tom Eastep
0aa5cb5086
Allow non-experts to use the user bits in the fw mark
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-07 11:35:47 -07:00
Tom Eastep
4b14924b99
Allow non-experts to use the user bits in the fw mark
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-07 11:29:24 -07:00
Tom Eastep
17d1caf8c5
Allow tags in global LOG_LEVELs
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-06 16:08:59 -07:00
Tom Eastep
fcd5b30ca8
Add FIN,RST and PSH,FIN to the tcpflags set
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-06 11:49:29 -07:00
Tom Eastep
e6ec52c711
Move a line of code
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-06 10:33:36 -07:00
Tom Eastep
eddd58d459
Move a line of code
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-06 10:33:09 -07:00
Tom Eastep
1bf13e5fda
Provide default for SHOREWALL_SHELL
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-06 10:29:36 -07:00
Tom Eastep
dbf2c89083
Provide default for SHOREWALL_SHELL
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-06 10:28:44 -07:00
Tom Eastep
6554f7fe28
Disable bare SECTION in the rules file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-04 11:16:07 -07:00
Tom Eastep
07976556ed
More inline match documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-03 09:45:39 -07:00
Tom Eastep
682a449e7b
Correct more Mangle examples
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 13:08:05 -07:00
Tom Eastep
8f86e2df19
Correct typo
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 13:07:33 -07:00
Tom Eastep
ba3dba78ff
Correct more Mangle examples
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 13:07:20 -07:00
Tom Eastep
59aeafba3a
Delimit inline matches by ';;'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 10:24:31 -07:00
Tom Eastep
9e98d30c92
Correct handling of log levels with default actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 08:55:18 -07:00
Tom Eastep
582755edf4
Unconditionally get inline matches
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 08:03:22 -07:00
Tom Eastep
c6ec9990e7
Unconditionally get inline matches
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 08:02:02 -07:00
Tom Eastep
dea1f853ea
Correct progress messages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-01 12:42:01 -07:00
Tom Eastep
a30708519d
Correct progress messages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-01 11:57:28 -07:00
Tom Eastep
f5d9e87c59
Remove anacronistic logic from the Rules module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 16:02:22 -07:00
Tom Eastep
ed90360b4c
Remove all of the update-specific options from the update command
...
Leave -i and -A
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 14:21:41 -07:00
Tom Eastep
6a374b80e0
Correct INLINE handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 12:36:05 -07:00
Tom Eastep
9638033e24
Cosmetic changes to first_entry() calls
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
2015-08-31 11:33:32 -07:00
Tom Eastep
87ef6f730f
Correct a typo
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 11:21:37 -07:00
Tom Eastep
53223e1440
Uniform mechanism for inserting conversion comments
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
2015-08-31 11:21:18 -07:00
Tom Eastep
9b886a99af
Fix $convert/$tcrules mess
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
2015-08-31 11:19:42 -07:00
Tom Eastep
c77d18965a
Place a header in a created mangle file during update -t
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
2015-08-31 11:16:45 -07:00
Tom Eastep
5a6586e06c
Don't enforce FASTACCEPT/BLACKLISTNEWONLY on convert
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 11:14:49 -07:00
Tom Eastep
60e08322c5
Update man pages for 'minute' and 'second' in LOGLIMIT specifications
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 11:14:37 -07:00
Tom Eastep
df73f4b925
Assume EXPORTMODULES=No if it doesn't exist in old file during update
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 11:14:26 -07:00
Tom Eastep
be81ace811
Read capabilities file before the .conf file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 11:11:25 -07:00
Tom Eastep
e15a6f452e
Cosmetic changes to first_entry() calls
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 10:54:30 -07:00
Tom Eastep
656eaabce9
Correct a typo
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 09:39:40 -07:00
Tom Eastep
f42dc6def1
Uniform mechanism for inserting conversion comments
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-30 15:35:05 -07:00
Tom Eastep
6e303aef69
Fix $convert/$tcrules mess
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-29 18:52:11 -07:00
Tom Eastep
ab260dc5b1
Place a header in a created mangle file during update -t
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-29 12:52:21 -07:00
Tom Eastep
55ab498291
Don't enforce FASTACCEPT/BLACKLISTNEWONLY on convert
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-29 12:51:52 -07:00
Tom Eastep
10cda4cee7
Update man pages for 'minute' and 'second' in LOGLIMIT specifications
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-27 15:49:59 -07:00
Tom Eastep
de74273dbb
Assume EXPORTMODULES=No if it doesn't exist in old file during update
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-27 15:15:03 -07:00
Tom Eastep
af1e2f6c8b
Read capabilities file before the .conf file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-27 11:26:26 -07:00
Tom Eastep
dc2406d25b
update -t also converts the 'tos' file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 13:51:02 -07:00
Tom Eastep
e0734a45ee
Allow 'seconds' and 'minutes' in LOGLIMIT specifications
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 12:53:36 -07:00
Tom Eastep
28df894add
Improve 'update'
...
- convert BLACKLISTNEWONLY
- convert LOGRATE and LOGBURST
- default USE_DEFAULT_RT to No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 12:50:56 -07:00
Tom Eastep
b0bf726c7e
Let 'update' default USE_DEFAULT_RT to 'No'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 12:40:16 -07:00
Tom Eastep
ad06ec3eef
Correct IPV6 range parsing
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 11:52:51 -07:00
Tom Eastep
71611233fb
Correct IPV6 range parsing
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 11:51:29 -07:00
Tom Eastep
7a98c7b9e5
More 'update' fixes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-25 15:55:49 -07:00
Tom Eastep
dc73832570
Delete unneeded 'my'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-25 14:36:53 -07:00
Tom Eastep
f5d1ec0243
Delete EXPORTPARAMS from %config
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-25 14:36:14 -07:00
Tom Eastep
f9ae28aeea
The -t option also converts the 'tos' file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-24 14:56:24 -07:00
Tom Eastep
eae492cef5
Some rules manpage updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-22 09:24:47 -07:00
Tom Eastep
2451c14d8c
Some rules manpage updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-22 08:27:52 -07:00
Tom Eastep
a30fdb356d
Update man pages for required '?' in COMMENT, SECTION and FORMAT lines
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-22 08:00:38 -07:00
Tom Eastep
a709395949
Allow 'none' in the log level argument to AutoBL
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-21 13:40:12 -07:00
Tom Eastep
98e5d54b92
Allow 'none' in the log level argument to AutoBL
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-21 13:39:25 -07:00
Tom Eastep
f4776bf388
Eliminate WIDE_TC_MARKS, HIGH_ROUTE_MARKS and BLACKLISTNEWONLY
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-21 12:42:19 -07:00
Tom Eastep
80acdd2836
Disallow bare COMMENT, SECTION and FORMAT lines
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-21 11:18:40 -07:00
Tom Eastep
40d1d86d2c
Drop support for the 'tos' file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 15:35:03 -07:00
Tom Eastep
26fca41e27
Eliminate discontinued files and manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 15:17:48 -07:00
Tom Eastep
5af5c67c75
Update a message to refer to the 'mangle' file rather than 'tcrules'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 14:54:54 -07:00
Tom Eastep
7956c5f6e0
Update a message to refer to the 'mangle' file rather than 'tcrules'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 14:48:29 -07:00
Tom Eastep
5a08f8bf4e
Correct shorewall-mangle(5) examples
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 11:09:42 -07:00
Tom Eastep
c59cb1351c
Update manpages for new update options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 11:08:10 -07:00
Tom Eastep
82330395e9
Correct grammer in an error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 09:25:32 -07:00
Tom Eastep
9a6f16903b
Use NYTProf for profiling.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 09:21:47 -07:00
Tom Eastep
9f2958fd27
Correct wording of an error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 09:21:20 -07:00
Tom Eastep
4b003163d6
Use NYTProf for profiling.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-19 14:05:15 -07:00
Tom Eastep
39982c20c4
Restore the text of tcrules warning message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-19 12:34:35 -07:00
Tom Eastep
2b1f33c391
Don't unlink the tcrules file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-19 11:48:23 -07:00
Tom Eastep
1c33717cf5
Reverse the change to delete host routes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-19 11:06:28 -07:00
Tom Eastep
cd8fe38c85
Delete host routes added to the main routing table for providers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-19 10:44:37 -07:00
Tom Eastep
d525419c65
Correct wording of an error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-19 10:44:00 -07:00
Tom Eastep
9d3f35a22d
Enable new update options in compiler.pl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-16 11:57:36 -07:00
Tom Eastep
6bdf90631c
Fix a couple of bugs in 5.0.0
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-16 10:05:21 -07:00
Tom Eastep
c604823053
Default to FORMAT-2 macros and actions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-14 16:11:41 -07:00
Tom Eastep
12f8cbae29
Correct the test for the existence of the routestopped file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-14 15:29:52 -07:00
Tom Eastep
4de6638385
Correct handling of termination after .conf file not updated
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-14 09:32:27 -07:00
Tom Eastep
0cef7fad35
Add conversion version and date to the converted files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-14 09:32:17 -07:00
Tom Eastep
ea2a35415e
Correct convert_blacklist()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-14 09:32:01 -07:00
Tom Eastep
4cc7a1b87d
Correct tcrules update
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/Perl/Shorewall/Tc.pm
2015-08-14 09:31:36 -07:00
Tom Eastep
7c2a969de0
Correct handling of notrack file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-14 09:26:45 -07:00
Tom Eastep
8bdea65325
Update manpages for new update options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-13 16:12:28 -07:00