Commit Graph

2526 Commits

Author SHA1 Message Date
Tom Eastep
22991ac9dd Fix a couple of bugs in virtual zones 2009-11-26 14:19:10 -08:00
Tom Eastep
222c8cf88f Finish Virtual Zones 2009-11-26 12:14:58 -08:00
Tom Eastep
8ff4d004c0 Better virtual zone implementation 2009-11-25 18:14:14 -08:00
Tom Eastep
8263ea1312 Limit providers to 15 2009-11-25 12:18:08 -08:00
Tom Eastep
d189c08533 Revert "Add 'virtual' zone support"
This reverts commit a2cd4bd1f4.
2009-11-25 11:51:13 -08:00
Tom Eastep
a2cd4bd1f4 Add 'virtual' zone support 2009-11-25 09:42:28 -08:00
Tom Eastep
4c40b205f8 Revert "Experimental explicit CONTINUE"
This reverts commit 10056a03d9.
2009-11-24 13:14:24 -08:00
Tom Eastep
10056a03d9 Experimental explicit CONTINUE 2009-11-24 12:50:53 -08:00
Tom Eastep
cd84efea94 Yet one more change to IPv6 address validation 2009-11-24 08:29:12 -08:00
Tom Eastep
deb45c5a27 Yet another IPv6 Address Normalization fix 2009-11-23 15:57:12 -08:00
Tom Eastep
bdb673a642 More IPv6 fixes 2009-11-23 15:21:25 -08:00
Tom Eastep
1710f9ce7c Several fixes to IPv6 Address Handling 2009-11-23 14:44:53 -08:00
Tom Eastep
9d85d0ff7a Allow IPv6 DNS names in net contexts 2009-11-23 13:51:46 -08:00
Tom Eastep
d3d21d4d18 Fix 'show policies' in Shorewall6[-lite] 2009-11-23 13:50:41 -08:00
Tom Eastep
f186c436d4 Improve wording of Problem Corrected #3 2009-11-23 11:48:08 -08:00
Tom Eastep
5610f78a48 Update version of Shorewall::Policy; improve 'expanded' description in Shorewall::Chains 2009-11-23 11:31:38 -08:00
Tom Eastep
cc809eaf78 Complete merge of 4.4 branch into master 2009-11-23 11:15:33 -08:00
Tom Eastep
c17ac8f23f commit crap for now 2009-11-23 11:13:57 -08:00
Tom Eastep
532105ec39 Allow specific policy to supersede a wildcard policy 2009-11-23 10:02:04 -08:00
Tom Eastep
b30cae89e3 Allow <zone>::<serverport> in the rules file DEST column 2009-11-23 09:56:15 -08:00
Tom Eastep
99a35c1bf0 Allow <zone>::<serverport> in the rules file DEST column 2009-11-23 09:33:16 -08:00
Tom Eastep
d43ba935d1 Simplify port == 0 test 2009-11-22 09:03:01 -08:00
Tom Eastep
5b02ef68a5 Simplify port == 0 test 2009-11-22 09:00:03 -08:00
Tom Eastep
90170d6018 Update changelog 2009-11-22 08:58:06 -08:00
Tom Eastep
d4ff629fd8 Generate error on port == 0 2009-11-22 08:44:11 -08:00
Tom Eastep
720442b400 Fix merge screwup 2009-11-22 08:43:32 -08:00
Tom Eastep
bd9c0ac285 Generate error on port == 0 2009-11-22 08:39:03 -08:00
Tom Eastep
76e7dea858 Generate error on port == 0 2009-11-22 08:36:40 -08:00
Tom Eastep
6e9d9e239d Apply 4.4.4.1 changes to master 2009-11-22 08:20:07 -08:00
Tom Eastep
c8209f4ce2 Apply bridge fix to 4.4 2009-11-22 08:18:23 -08:00
Tom Eastep
4aeee6fd8b Make 'expanded' apply to all wildcard policies 2009-11-21 14:18:01 -08:00
Tom Eastep
c7de19cf39 Allow specific policy to supersede an expanded one 2009-11-21 13:56:40 -08:00
Tom Eastep
cbe944c354 Open the 4.5.0 Thread 2009-11-21 11:41:10 -08:00
Tom Eastep
ecf6a0ec4a Open 4.4.5 2009-11-21 11:08:50 -08:00
Tom Eastep
bce4d51a18 Allow wide MARK values in tcclasses when WIDE_TC_MARKS=Yes 2009-11-21 07:54:42 -08:00
Tom Eastep
c5bb493b29 Fix class number assignment when WIDE_TC_MARKS=Yes 2009-11-20 12:25:15 -08:00
Tom Eastep
0df84cf8b5 Remove superfluous line of code 2009-11-19 10:54:58 -08:00
Tom Eastep
a23632f45e Mostly cosmetic cleanup of Shorewall::Chains 2009-11-19 10:35:25 -08:00
Tom Eastep
c39a9fb5eb Fix typo in shorewall-rules(5) 2009-11-18 19:55:20 -08:00
Tom Eastep
4579a71574 More massaging of redundant test suppression 2009-11-17 11:14:02 -08:00
Tom Eastep
831611e792 Update version of Shorewall::Policy 2009-11-16 20:24:01 -08:00
Tom Eastep
5f70b261b6 Update version of Shorewall::Compiler 2009-11-16 20:21:59 -08:00
Tom Eastep
c4bfab29a5 Clean up release notes 2009-11-16 15:21:11 -08:00
Tom Eastep
9d5dd2ad3a Implement an '-l' option to the 'show' command 2009-11-16 15:14:24 -08:00
Tom Eastep
5ec4f8d82c Unconditionally include route marking and sticky chains 2009-11-16 14:15:01 -08:00
Tom Eastep
2a910ebddf Suppress redundant tests for provider availability in route rules processing 2009-11-16 12:43:44 -08:00
Tom Eastep
31f01fe765 Document fixing route rule addition code 2009-11-16 11:20:02 -08:00
Tom Eastep
016537f631 Don't add route rules when interface is down 2009-11-16 10:58:38 -08:00
Tom Eastep
dd543a2934 Tweak policies display 2009-11-16 09:30:37 -08:00
Tom Eastep
f5a019becc Implement 'show policies' command 2009-11-15 09:24:56 -08:00
Tom Eastep
b662718eec Replace canonical_chain by rules_chain 2009-11-14 07:07:19 -08:00
Tom Eastep
10affb1cde Set version to 4.4.4 2009-11-13 13:52:49 -08:00
Tom Eastep
fa3bdde214 Set version to Beta2 2009-11-13 12:39:41 -08:00
Tom Eastep
0e6c9abb5b A fix for COPY handling 2009-11-12 16:45:39 -08:00
Tom Eastep
f904866336 More minor cleanup of chain name change 2009-11-12 12:30:08 -08:00
Tom Eastep
2d53f8cb0c Delete unnecessary function 2009-11-11 16:35:46 -08:00
Tom Eastep
e748341afd Correct mis-statement in the release notes 2009-11-11 16:35:06 -08:00
Tom Eastep
b943f09e37 Fix indentation 2009-11-11 12:34:15 -08:00
Tom Eastep
4e6b8f8f42 Set version to 4.4.4-Beta1 2009-11-11 10:58:22 -08:00
Tom Eastep
0f078e7440 Ignore empty port in INTERFACE column 2009-11-11 10:52:14 -08:00
Tom Eastep
a4eb581d44 Document full logical interface implementation 2009-11-11 10:45:01 -08:00
Tom Eastep
06d3b2c692 Allow wildcard logical names in COPY column 2009-11-11 10:17:53 -08:00
Tom Eastep
6987cd15c5 Avoid dereference of null variable 2009-11-11 10:10:45 -08:00
Tom Eastep
ba8ad6346a More use of logical chain name 2009-11-11 10:06:06 -08:00
Tom Eastep
893a847c87 Suppress extra COMMENT warnings 2009-11-10 17:17:55 -08:00
Tom Eastep
bd9c651961 Clarify physical naming rules and '+' 2009-11-10 15:25:25 -08:00
Tom Eastep
bf8c38e054 Add ZONE2ZONE option to shorewall.conf 2009-11-10 14:12:55 -08:00
Tom Eastep
7120a73f0e Minor efficiency improvement in move_rules() 2009-11-10 08:08:02 -08:00
Tom Eastep
c9e57c93a2 Insure uniqueness of physical names; use logical name when constructing the name of a chain 2009-11-10 07:24:14 -08:00
Tom Eastep
4e2f2923b6 Update ::Config::VERSION 2009-11-09 13:16:40 -08:00
Tom Eastep
79b5cb49df Fix over-zealous use of physical name; Correct syntax errors 2009-11-09 12:38:00 -08:00
Tom Eastep
893a0c9d42 Remove order dependency in interface OPTIONS processing 2009-11-09 11:15:08 -08:00
Tom Eastep
9b127e6e06 Improve performance of logical->physical mapping 2009-11-09 07:27:14 -08:00
Tom Eastep
92208251b7 Add undocumented LOGICAL_NAMES option 2009-11-09 07:01:25 -08:00
Tom Eastep
dda6f06883 Update module versions 2009-11-08 09:01:30 -08:00
Tom Eastep
4d977306f9 Make 'physical' work as a general logical name facility 2009-11-08 08:37:03 -08:00
Tom Eastep
83621ff416 Add logical->physical mapping to Shorewall::Chains 2009-11-08 07:11:38 -08:00
Tom Eastep
09f1b6501c Add logical->physical mapping to Shorewall::Providers 2009-11-08 07:00:43 -08:00
Tom Eastep
ca1dd1416d Add logical->physical mapping to Shorewall::Tc 2009-11-08 06:26:47 -08:00
Tom Eastep
1238b771a2 Apply logical->physical mapping to /proc settings 2009-11-07 18:59:10 -08:00
Tom Eastep
b1706e10e3 Correct typo 2009-11-07 07:58:15 -08:00
Tom Eastep
bcd4887d84 Correct capitalization in error message; remove unused variable 2009-11-07 07:39:28 -08:00
Tom Eastep
7f54a6fea9 Make non-wild physical work correctly 2009-11-07 07:19:52 -08:00
Tom Eastep
496cfc391e Make parsing of zone options tighter 2009-11-06 15:51:53 -08:00
Tom Eastep
b491745f1c More physical interface changes 2009-11-06 13:10:19 -08:00
Tom Eastep
4ef45ff665 Generate an error if a bridge port is configured as a provider interface 2009-11-06 09:22:16 -08:00
Tom Eastep
73eab1fa55 Report physical name in zone reports rather than logical name 2009-11-06 08:40:53 -08:00
Tom Eastep
d73ebb8a6a Add comment explaining the purpose of dump_zone_contents() 2009-11-06 08:11:18 -08:00
Tom Eastep
7014bd3ea0 Add 'physical' interface option for bridge ports 2009-11-06 08:07:13 -08:00
Tom Eastep
89bdcf9a3d Implement 'physical' option 2009-11-06 07:27:44 -08:00
Tom Eastep
a98195e156 Back out fix for multiple bridges with wildcard ports 2009-11-05 16:34:41 -08:00
Tom Eastep
fb3477b8b5 A couple of additional tweaks to the two-bridge fix 2009-11-05 13:40:03 -08:00
Tom Eastep
b4199fd068 Document ICMP codes 2009-11-05 11:44:40 -08:00
Tom Eastep
28b660c853 Avoid reporting bogus duplicate interface with two bridges and wildcard ports 2009-11-05 11:04:14 -08:00
Tom Eastep
4548db58da Relax port list limitation in /etc/shorewall/routestopped 2009-11-03 11:36:32 -08:00
Tom Eastep
4f5c602d5f Fix .spec error and document logrotate files 2009-11-03 10:12:38 -08:00
Tom Eastep
25549b176c Update version to 4.4.4 2009-11-03 10:06:29 -08:00
Tom Eastep
306549119a Add logrotate files to packages 2009-11-03 10:06:10 -08:00
Tom Eastep
5a525134ea Be sure that startup log is secured 0600 2009-11-03 09:34:21 -08:00
Tom Eastep
f2f91ce7dd Some optimizations 2009-11-03 09:28:34 -08:00