Commit Graph

7771 Commits

Author SHA1 Message Date
Roberto C. Sánchez
54e6412c49
Fix documentation typos 2018-12-15 15:34:45 -08:00
Tom Eastep
61ac08dc7f
Correct handling of netmask when two rates are specified in the RATE col.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-12-14 14:16:26 -08:00
Tom Eastep
f65b10c375
Remove dead/silly code from Shorewall::Chains::use_input/output_chain()
- combine the two into a single function use_interface_chain().

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-12-14 13:54:36 -08:00
Tom Eastep
35c7f304f7
Correct log name for untracked chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-12-14 11:00:27 -08:00
Tom Eastep
668cb6deda
Make 'status -i' work when there are no providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-12-11 13:44:31 -08:00
Tom Eastep
8ed644a0ec
Correct HELPER requires error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-11-28 11:00:41 -08:00
Tom Eastep
45f8d31021
Don't try to load ipt_ULOG
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-11-15 14:33:25 -08:00
Tom Eastep
03d2088cf7
Implement SW_CONFDIR support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-11-06 15:40:26 -08:00
Tom Eastep
6534201284
Fix assertion failure during 'check -r' when DOCKER=Yes
- avoid unnecessary mode transitions

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-31 15:30:03 -07:00
Tom Eastep
282ca14182
Corrections to DOCKER-ISOLATION change
- Handle DOCKER-USER

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-28 09:20:47 -07:00
Tom Eastep
4b7d346911
Merge branch '5.2.1' 2018-10-27 09:11:00 -07:00
Tom Eastep
131a2cd40d
Accommodate Docker version 18.06
- Optionally replace DOCKER-ISOLATION with DOCKER-ISOLATION-STAGE-1 and -2

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-27 09:04:34 -07:00
Tom Eastep
ae90ab1f68
Add version of Jeremie Courreges-Anglas's <jca@tranquil.it> patch
- Handle case where we are enabling/disabling a balanced/fallback provider
  and another such provider has lost carrier.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-11 15:18:47 -07:00
Tom Eastep
5e57c895b3
Avoid emacs issues with compiled code
- handle embedded spaces in moduledir path names

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-09 14:47:36 -07:00
Tom Eastep
aab1df7421
Correct ip[6]tables-restore failure message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-06 08:22:46 -07:00
Tom Eastep
9f3cc88cf0
Prevent invalid code generation with SNAT(detect)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-02 08:15:20 -07:00
Tom Eastep
aaa80882a0
Add Eric Teeter's Cockpit macro
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-09-28 09:43:55 -07:00
Tom Eastep
1b6de901e0
Merge branch '5.2.0' 2018-08-24 15:33:16 -07:00
Tom Eastep
56780a5d1f
Apply rate limiting in the nat table on nat+accept rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-24 15:31:20 -07:00
Tom Eastep
22c1bc2e9c
Apply rate limiting in the nat table on nat+accept rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-23 14:07:10 -07:00
Tom Eastep
5048e68cb5
Correct IPv4 examples in shorewall-blrules(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-13 19:21:03 -07:00
Tom Eastep
2d2ded7efc
Merge branch '5.2.0' 2018-08-07 07:46:29 -07:00
Tom Eastep
5e8fd570d1
Prepare for Perl 5.32
- Escape '{' in REs

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-07 07:43:58 -07:00
Tom Eastep
82e84f724d
Use -h rather than -L for checking a symlink
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-01 13:58:35 -07:00
Tom Eastep
7c31f70dc8
Use '=' rather than '&' to create UNTRACKED rule chains.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-01 13:50:20 -07:00
Tom Eastep
f1eafdc314
Use '=' rather than '&' to create UNTRACKED rule chains.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-01 13:48:29 -07:00
Tom Eastep
c195bab01d
Correct handling of a provider interface that matches a wildcard.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-29 20:34:02 -07:00
Tom Eastep
d829093caa
Use -h rather than -L for checking a symlink
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-26 13:57:10 -07:00
Tom Eastep
0d682fe78b
Disallow optional shared providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-19 09:57:06 -07:00
Tom Eastep
410a20dda3
Make shared interface and 'load=<load-factor' play nice together
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-17 13:25:26 -07:00
Tom Eastep
0685d0edfd
Fix rate limiting
- Avoid specifying a timeout when the match is '-m limit'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-15 08:57:43 -07:00
Tom Eastep
474604b1fe
Correct source interface exclusion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-04 08:01:27 -07:00
Tom Eastep
6fef1f34ba
Correct links in manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-03 15:31:14 -07:00
Tom Eastep
93f0183550
Tweak do_ratelimit()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-03 14:22:30 -07:00
Tom Eastep
a42972644c
Allow specification of 'hashlimit' table sizes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-02 14:14:36 -07:00
Tom Eastep
b271c52603
Update RATE column documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-02 14:10:53 -07:00
Tom Eastep
49514e2d58
Allow specification of ht buckets and max entries in RATE columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-02 10:23:36 -07:00
Tom Eastep
a265685e20
Allow specification of VLSM in the RATE columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-02 09:08:45 -07:00
Matt Darfeuille
442e6ac152
Update version to 5.2
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-23 09:09:00 -07:00
Matt Darfeuille
14e5a2d5ca
Be more verbose in progress messages
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-23 09:02:18 -07:00
Tom Eastep
780eb0402c
Update manpages for interface exclusion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-15 08:23:35 -07:00
Tom Eastep
bfb9852eb6
Allow MARK, CONNMARK, SAVE and RESTORE in the nat table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-14 10:01:12 -07:00
Tom Eastep
a8b6a301f2
Revert "MARK and CONNMARK in the snat file"
This reverts commit e36547f8be.
2018-06-14 07:58:33 -07:00
Tom Eastep
150f7ab798
Allow specification of the TPROXY mark in CONNMARK and MARK.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-14 07:58:06 -07:00
Tom Eastep
b11d63a7bd
More manpage corrections
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-11 08:54:34 -07:00
Tom Eastep
84b283533b
Correct dangling link
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-11 08:52:07 -07:00
Tom Eastep
e36547f8be
MARK and CONNMARK in the snat file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-10 16:34:55 -07:00
Tom Eastep
0632723a6c
Support interface exclusion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-10 12:02:19 -07:00
Tom Eastep
43543b5c32
Clean up shorewall-addresses(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-10 12:00:54 -07:00
Tom Eastep
ffc5a3c7df
Add ALT Linux support by Alexey Shabalin <sha-ba@mail.ru>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-29 08:13:26 -07:00