Commit Graph

4740 Commits

Author SHA1 Message Date
Tom Eastep
fc4aaa97c6 Expand variables in shorewallrc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 21:26:20 -07:00
Tom Eastep
217d5e636c Add BLACKLIST Macro
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 19:29:27 -07:00
Tom Eastep
eb118e4443 Add shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 13:05:39 -07:00
Tom Eastep
f4ed4109c6 Fix LENGTH handling (again)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-23 15:40:48 -07:00
Tom Eastep
398c843643 Concatenate match options when not KLUDGEFREE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-23 15:40:25 -07:00
Tom Eastep
01d07f55a9 Only include user exit basename in exported progress messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-20 07:33:32 -07:00
Tom Eastep
a7b10c99da Add some comments to lib.core
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-20 07:17:19 -07:00
Tom Eastep
bdc8cb66bd Correct load_kernel_modules()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-20 07:15:47 -07:00
Tom Eastep
7bc823fb8b Support 'kerneltz'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 15:57:38 -07:00
Tom Eastep
48b7594b64 Delete prog.header*
- Move functions into lib.core with ?IF ... ?ELSE ... ?END

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 15:56:02 -07:00
Tom Eastep
88b1180817 Support ?IF in copied files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 13:38:24 -07:00
Tom Eastep
8803cd8d3b ?IF improvements
- Pass line number to make process_conditional more general
- Add debugging output
- Do first_line processing prior to looking for ?

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 12:51:22 -07:00
Tom Eastep
0063de1564 Add capabilities to conditionals
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 11:57:33 -07:00
Tom Eastep
f104596b39 Merge branch '4.5.1' 2012-03-19 10:13:08 -07:00
Tom Eastep
146d66f0aa Don't complain about SHOREWALL_INIT_SCRIPT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 09:52:55 -07:00
Tom Eastep
0ccb398cec Merge branch '4.5.1' 2012-03-19 09:22:44 -07:00
Tom Eastep
287a44be52 Allow TOS to work on RHEL5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 09:22:21 -07:00
Tom Eastep
86f3667b82 Correct nested ?IF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 08:19:32 -07:00
Tom Eastep
962b1cca1f Remove Perl diagnostic
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 07:46:45 -07:00
Tom Eastep
2026fdab6a Correct IPSET_WARNINGS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 07:44:52 -07:00
Tom Eastep
722e888043 Fix ?IF
- Allow nested ?IFs to work correctly
- Correct push logic for $ifstack

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 07:38:52 -07:00
Tom Eastep
e3997abfb9 Merge branch '4.5.2'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 07:27:53 -07:00
Tom Eastep
710687bbd6 Revert "Move conditional processing to it's own function"
This reverts commit 8262cff71a.
2012-03-19 07:23:57 -07:00
Tom Eastep
d4a1e7dba9 Revert "Allow ?IF, ?ELSE and ?ENDIF in copied files"
This reverts commit 29dd342118.
2012-03-19 07:23:24 -07:00
Tom Eastep
c7237e5c8e Revert "Move all functions from prog.header* to lib.core"
This reverts commit f9f557e1c6.
2012-03-19 07:22:51 -07:00
Tom Eastep
c299c6d61a Revert "Correct spelling"
This reverts commit 1d021e3701.
2012-03-19 07:22:29 -07:00
Tom Eastep
6769acc7a7 Revert "Some corrections to conditional inclusion"
This reverts commit 164d2f5d1b.
2012-03-19 07:22:07 -07:00
Tom Eastep
df33587395 Revert "Clean up of conditional inclusion."
This reverts commit 5f3ba4eb40.
2012-03-19 07:21:36 -07:00
Tom Eastep
508f33a183 Revert "Eliminate prog.header6"
This reverts commit 60f1004339.
2012-03-19 07:21:12 -07:00
Tom Eastep
11f970d1c2 Revert "Eliminate prog.header"
This reverts commit 13bf383ce8.
2012-03-19 07:20:57 -07:00
Tom Eastep
72e6330ff4 Revert "Add capabilities to ?IF conditionals"
This reverts commit 0d71c590e4.
2012-03-19 07:20:31 -07:00
Tom Eastep
5caf68bc31 Remove .project
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 19:31:40 -07:00
Tom Eastep
78306e9f5b Don't issue missing SHOREWALL_SHELL warning when compiling for export
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 19:30:32 -07:00
Tom Eastep
15ca0fd1f0 Add IPSET_WARNINGS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 19:30:04 -07:00
Tom Eastep
955a9f0051 Correct Steven's issues
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 19:10:46 -07:00
Tom Eastep
bd56caf74f Don't issue missing SHOREWALL_SHELL warning when compiling for export
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 12:54:53 -07:00
Tom Eastep
5bfd2cc2c9 Remove some WARNINGs
- Mr Dash4 has decided he doesn't want them after all.
2012-03-18 12:42:32 -07:00
Tom Eastep
e47ae4f26e Don't issue missing SHOREWALL_SHELL warning when compiling for export
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 12:28:26 -07:00
Tom Eastep
56f66bd966 Require the correct PROTO to use a port range in the ADDRESS column of masq
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 11:22:37 -07:00
Tom Eastep
6e089fb0e2 Require the correct PROTO to use a port range in the ADDRESS column of masq
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 11:21:53 -07:00
Tom Eastep
0d71c590e4 Add capabilities to ?IF conditionals
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 08:48:26 -07:00
Tom Eastep
d1661c95d5 Remove .project
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 18:29:32 -07:00
Tom Eastep
13bf383ce8 Eliminate prog.header
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 18:07:36 -07:00
Tom Eastep
60f1004339 Eliminate prog.header6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 17:51:56 -07:00
Tom Eastep
5f3ba4eb40 Clean up of conditional inclusion.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 12:12:32 -07:00
Tom Eastep
164d2f5d1b Some corrections to conditional inclusion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 10:26:36 -07:00
Tom Eastep
1d021e3701 Correct spelling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 09:42:15 -07:00
Tom Eastep
f9f557e1c6 Move all functions from prog.header* to lib.core
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 09:35:35 -07:00
Tom Eastep
29dd342118 Allow ?IF, ?ELSE and ?ENDIF in copied files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 09:33:40 -07:00
Tom Eastep
8262cff71a Move conditional processing to it's own function
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-17 09:32:56 -07:00
Tom Eastep
b7465262ca Rename MARK/CLASSIFY column to ACTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 10:09:13 -07:00
Tom Eastep
ab13fbe95e Allow conditional compilation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 08:16:12 -07:00
Tom Eastep
f7a2cd4ef1 Correct typos in accounting manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-14 15:34:19 -07:00
Tom Eastep
95e4f8dd91 Fix TOS(tos/mask) in tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-14 15:34:11 -07:00
Tom Eastep
8e413a7bf0 Fix TOS(tos/mask) in tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-14 15:33:31 -07:00
Tom Eastep
3e9edcb7e8 Correct typos in accounting manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-14 14:50:25 -07:00
Tom Eastep
4ba88d2e9c Merge branch '4.5.1' 2012-03-14 11:00:56 -07:00
Tom Eastep
aa503e7211 Apply Tuomo Soini's Makefile patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-14 10:57:41 -07:00
Tom Eastep
2a67a202b0 Merge branch '4.5.1' 2012-03-13 20:16:01 -07:00
Tom Eastep
7e14777b8f Fix typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 19:54:58 -07:00
Tom Eastep
c1d0681e17 Correct LENGTH column validation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 17:58:18 -07:00
Tom Eastep
98f8edbde5 Apply two patches from Tuomo Soini
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 13:27:20 -07:00
Tom Eastep
1dd6a8b291 Document use of chain designators with DSCP and TOS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 13:26:29 -07:00
Tom Eastep
feb5cc0093 Document use of chain designators with DSCP and TOS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 13:25:37 -07:00
Tom Eastep
e3f2c49c7e Remove level of indirection for the 'super' property
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 12:23:33 -07:00
Tom Eastep
fecd091078 Remove %zones{option}{nested}
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 11:31:13 -07:00
Tom Eastep
e0b360513c Remove a level of indirection for 'complex' zone flag.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 09:47:31 -07:00
Tom Eastep
01d99d4873 Move zone mss handling to the Rules File
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-12 15:59:35 -07:00
Tom Eastep
acb2e2a8ab Implement mss= in hosts file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-12 15:14:35 -07:00
Tom Eastep
0223439e2b Don't compile if ${DESTDIR}
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-12 14:02:44 -07:00
Tom Eastep
fa9f8329b5 Apply two patches from Tuomo Soini
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-12 13:57:37 -07:00
Tom Eastep
4ffcd80b02 Don't test compilation if $DESTDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-11 09:49:26 -07:00
Tom Eastep
48570227ba Big cleanup of TOS handling
- Validate settings/matches
- Allow setting in the tcrules file.
- Deprecate /etc/shorewall[6]/tos
2012-03-09 16:16:25 -08:00
Tom Eastep
c112f20e17 Tighten editing of LENGTH column(s)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-07 14:07:04 -08:00
Tom Eastep
05f025e422 Don't install isusable script by default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-07 07:46:53 -08:00
Tom Eastep
3ee9150deb Fix syntax error in the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-06 09:15:34 -08:00
Tom Eastep
b2842ae8d4 Don't allow reserved variables to be set in params
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-05 15:42:53 -08:00
Tom Eastep
dff5136134 Correct issues with debugging the generated script
a) Rename DEBUG to g_debug_iptablesb
b) Clear all of the tables prior to handling iptables-restore input.
2012-03-05 15:21:10 -08:00
Tom Eastep
a84e131115 Fix bug in DSCP implementation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-05 09:50:15 -08:00
Tom Eastep
aab6e67e70 Omit non-default geometry settings from updated shorewall.conf.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-29 12:34:06 -08:00
Tom Eastep
61bf2d5bfd Fix installer
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-25 16:02:20 -08:00
Tom Eastep
016fe4bcf1 Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
Conflicts:
	Shorewall-core/install.sh
	Shorewall/install.sh

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-25 07:30:07 -08:00
Roberto C. Sanchez
87381a0f65 FIx typos 2012-02-24 23:02:30 -05:00
Tom Eastep
47453a20f7 Tweak to Run-time gateway variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-24 09:02:04 -08:00
Tom Eastep
b78d4ca41f Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-23 13:54:50 -08:00
Tom Eastep
7273f4d8d4 Implement run-time gateway variables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-23 13:36:00 -08:00
Tom Eastep
37a3dbb6f6 Don't install SysV init script if systemd is specified.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-23 10:59:10 -08:00
Tom Eastep
c252005e25 Add support for packager's config file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-23 10:07:02 -08:00
Tom Eastep
c975cddfda Correct init script installation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-22 14:51:41 -08:00
Tom Eastep
a6afac0f3c Use standard rpm macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-22 13:32:10 -08:00
Tom Eastep
ef850e4537 Use standard rpm macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-22 12:40:16 -08:00
Tom Eastep
2624005fa8 Fix FORMAT-2 interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 16:41:56 -08:00
Tom Eastep
20f990f2eb Fix install on SuSE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 14:24:50 -08:00
Tom Eastep
7de961ebfe Fix broken init scripts.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 13:16:12 -08:00
Tom Eastep
f6cc44eb6b Rename HOST -> TARGET and BUILD -> HOST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 13:00:09 -08:00
Tom Eastep
3acd01a44d Rename some variables:
HOST -> TARGET
%initdir -> %shorewall_initdir

Also add %shorewall_target

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 12:34:41 -08:00
Tom Eastep
d5af9c360d Implement FORMAT-2 interfaces file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 11:23:58 -08:00
Tom Eastep
2137840fec Fix bug in DSCP support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 16:40:11 -08:00
Tom Eastep
ed9e03b095 Correct FEDORA/REDHAT fiasco
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 16:11:28 -08:00
Tom Eastep
3180e13719 Require LIBEXEC and LIBPERL to be absolute path names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 12:04:00 -08:00