Commit Graph

85 Commits

Author SHA1 Message Date
Tom Eastep
b10218e773 Add a 'UDPLITE Port Redirection' capability.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 10:07:52 -07:00
Tom Eastep
e77ca971bd Avoid shell diagnostic in 'show capabilities' when no arptables installed
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:48:10 -07:00
Tom Eastep
8442477224 Add Enhanced Multi-port match capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:04:47 -07:00
Tom Eastep
418034579f Support IPv6 Masquerade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-27 09:25:26 -08:00
Tom Eastep
40865dce4d Correct 'not running' error message in enable/disable commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-23 16:32:17 -08:00
Tom Eastep
82f9ba8bb7 Correct detection of IPv6 PERSISTENT_SNAT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-23 12:59:38 -08:00
Tom Eastep
8ed6642387 Modify reload_command() and export_command() to directly call compiler()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-22 16:15:41 -08:00
Tom Eastep
bb5b6e42d6 Replace death sequences with calls to fatal_error()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-16 07:32:47 -08:00
Tom Eastep
36db41457d Make 'version -a' work when not run by /sbin/shorewall.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 12:45:49 -08:00
Tom Eastep
38657d9f98 Support for arptables.
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-04 09:17:57 -08:00
Tom Eastep
24c69f9efb Sort the output of 'show capabilities'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 11:09:18 -08:00
Tom Eastep
60012d1208 Add additional space for the OPTIONS column
- actions and actions.std problem

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 10:54:32 -08:00
Tom Eastep
8cbe26e32c Ignore 'inline' for certain actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 07:54:42 -08:00
Tom Eastep
6702bb1989 Revert condition initialization patch.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-30 07:31:29 -08:00
Tom Eastep
409c427134 Add support for future condition initial values.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-29 12:15:15 -08:00
Tom Eastep
5fcdfd779c Don't default IPSET to 'ipset'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-09 08:54:54 -08:00
Tom Eastep
d0e03bb03a Sort IPv6 routing tables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-23 11:53:19 -07:00
Tom Eastep
0387b16983 Implement CHECKSUM action in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-22 15:42:13 -07:00
Tom Eastep
f24e194819 Don't display chains with no matched entries when -b
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-22 14:15:37 -07:00
Paul Gear
ca5a0f4b15 Fix option parsing for brief option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-20 07:11:40 -07:00
Paul Gear
baf42f2ac0 Add brief option to shorewall show
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-20 07:11:31 -07:00
Tom Eastep
30066062d1 Move SHOREWALL_CAPVERSION declaration to lib.cli
- Make 'shorwall' the default g_program in lib.cli
- Initialize g_tool in lib.cli for shorewall and shorewall6 to
  facilitate use of the library without reading shorewall[6].conf.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-19 07:12:49 -07:00
Tom Eastep
49acc84f05 Add URL to the "Log message doesn't exist" message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-13 11:16:59 -07:00
Tom Eastep
47de98ff44 Rename crvsn -> vlsm in sort_routes()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-13 09:58:34 -07:00
Tom Eastep
1df48b46ef Enable 'show dynamic' for dynamic zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-07 08:36:28 -07:00
Tom Eastep
8c97681421 Merge branch '4.5.8'
Conflicts:
	Shorewall-core/lib.cli
2012-10-07 08:24:04 -07:00
Tom Eastep
431309678a Enable dynamic zones to work with all ipset versions
- Re-add lost logic from 4.5.8.1 fix.
- create separate variables for add/delete and LIST

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-07 08:10:57 -07:00
Tom Eastep
7ca1a43118 Fix 'show dynamic'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-07 07:15:43 -07:00
Tom Eastep
8091ad6c70 Modify lib.cli to run the 'add' and 'delete' to allow the zone name to come first
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-06 09:22:14 -07:00
Tom Eastep
c12985b75b Correct typo in error message.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 07:17:39 -07:00
Tom Eastep
22c3766b47 Correct typo in error message.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 07:17:03 -07:00
Tom Eastep
92d39dc56d Expunge the g_perllib variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:59:39 -07:00
Tom Eastep
a8e9296473 Expunge the g_sbindir variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:55:48 -07:00
Tom Eastep
749e239d15 Expunge the g_libexec variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:51:36 -07:00
Tom Eastep
526ad75c49 Expunge the g_vardir variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:44:52 -07:00
Tom Eastep
a12f1f9fbb Always set IPSET in get_config()
- Previously, lib.cli-std set the variable but lib.cli did not.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-30 11:36:40 -07:00
Tom Eastep
d1bf727127 Allow dynamic zones to work with ipset V5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-30 08:52:56 -07:00
Tom Eastep
092c2ef8f7 No longer process the local shorewall.conf when compiling from a directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 08:21:45 -07:00
Tom Eastep
5326f35789 Move routing output closer to the IP output in 'dump'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-23 09:16:45 -07:00
Tom Eastep
e4830f6342 Compensate for silly RHEL bug
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-19 06:43:25 -07:00
Tom Eastep
c007f847a0 Handle disabled helpers in pre-3.5 kernels.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-06 15:54:45 -07:00
Tom Eastep
49fb2799e9 Correct detection of 'netbios-ns' in the CLIs.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-05 08:07:19 -07:00
Tom Eastep
6c97e13107 Use -j CT for helper detection, when available
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-04 11:36:03 -07:00
Tom Eastep
72307df6d2 Replace the AUTOHELPERS option with the HELPERS option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-03 10:53:20 -07:00
Tom Eastep
9ceff3c213 Display KERNELVERSION and CAPVERSION in 'show capabilities'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 17:38:41 -07:00
Tom Eastep
21770a89d6 Detect which matches are available.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 15:38:23 -07:00
Tom Eastep
917e2980a4 Correct error message generation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-30 09:22:43 -07:00
Tom Eastep
c8ea03bf8c Update help text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-30 07:23:53 -07:00
Tom Eastep
735b7c2cf5 Add support for nfacct
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-28 11:21:16 -07:00
Tom Eastep
87c0f934aa Add NFacct Match capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-28 08:19:05 -07:00