Tom Eastep
50b4bd8dfe
More Blacklist and Secmark documentation updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-06 17:26:49 -07:00
Tom Eastep
f3255cd83a
Rework blacklisting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-06 15:29:20 -07:00
Tom Eastep
c6f58ba924
Enhance SELinux support:
...
- Add state match
- Add user/group match
- Add examples to the man pages
2010-09-06 09:06:40 -07:00
Tom Eastep
b139ff7e90
Update docs and implementation of SECMARK
2010-09-04 16:08:29 -07:00
Tom Eastep
15d8d6d8b7
Add SECMARK and CONNSECMARK support
2010-09-04 15:12:08 -07:00
Tom Eastep
5aceddbf37
Update Accounting Documents
2010-08-22 16:40:04 -07:00
Tom Eastep
e70d9c82d8
Revise and document IPSEC Accounting
...
- Place accounting rules in accipsecin and accipsecout
- Add warning when rule inserted into unreferenced accounting chain
- Add warning when an accounting chain has no references
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-20 08:24:45 -07:00
Tom Eastep
33ee9b1481
Add IPSEC Accounting (again)
2010-08-20 06:53:31 -07:00
Tom Eastep
4322d7b2af
Zone exclusion
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-18 16:10:58 -07:00
Tom Eastep
255cd6cf9c
Implement zone lists in rules file entries
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-18 12:18:58 -07:00
Tom Eastep
36054b7784
Add additional vserver notes in rules manpages
2010-08-12 17:52:22 -07:00
Tom Eastep
e35e9d2c99
Clarify nesting of vserver zones
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-12 15:26:30 -07:00
Tom Eastep
0234564a1b
Add destination IP blacklisting
2010-08-10 17:33:50 -07:00
Tom Eastep
967629569b
Taylor Universal config to work with Shorewall-init and streamline ruleset
...
- Make interface 'all' optional and set REQUIRE_INTERFACE=Yes
- Add COMPLETE option
- Set FASTACCEPT in Universal samples
- Reset SUBSYSLOCK in Universal samples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-08-01 08:36:56 -07:00
Tom Eastep
bd5facda30
Implement per-IP log rate limiting
2010-07-25 12:42:39 -07:00
Tom Eastep
d447482dd6
Fix typo in rules manpages
2010-07-13 07:37:14 -07:00
Tom Eastep
eff84ae8a6
Add warning about ff80::/10 in shorewall6-interfaces manpage
2010-07-12 11:19:11 -07:00
Tom Eastep
8d5f04d5a5
Correct TC_PRIO description in shorewall.conf and shorewall6.conf manpages
2010-07-07 15:35:26 -07:00
Tom Eastep
02fab09a14
Add PERL= option to shorewall.conf and shorewall6.conf
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-07-05 13:11:52 -07:00
Tom Eastep
d3e30b5fe4
Add FORWARD_CLEAR_MARK option
2010-07-03 17:03:42 -07:00
Tom Eastep
e4afc15370
Finish Vserver Implementation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-06-30 20:35:46 -07:00
Tom Eastep
925de3cee9
Fix typo in tcrules manpages
2010-05-26 06:42:37 -07:00
Tom Eastep
896e18be00
Document REQUIRE_INTERFACE
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-19 07:37:49 -07:00
Tom Eastep
b42d80cb29
Update 'wait' documentation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-15 09:59:57 -07:00
Tom Eastep
88188202cc
Add 'wait' interface option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-15 09:52:46 -07:00
Tom Eastep
16e451a7d8
Add 'required' interface option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-15 09:04:32 -07:00
Tom Eastep
96bef5bd49
Assume 'routeback' in routestopped based on interface config.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-05-03 12:31:11 -07:00
Tom Eastep
013567496c
Update manpages for addressless bridge
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-27 12:40:57 -07:00
Tom Eastep
0a9b7c75d0
Delete misleading wording in the explaination of rate limiting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-16 06:24:35 -07:00
Tom Eastep
aeb90969f7
Optimize 8 Documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-04-14 17:12:25 -07:00
Tom Eastep
9a720cf516
Further clarify the use of log levels with macros
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-30 08:14:32 -07:00
Tom Eastep
18bb6c94ca
Improve formatting of 'rules' manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-30 08:08:57 -07:00
Tom Eastep
5ad0088ce7
Describe required quoting in shorewall[6].conf
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-28 07:12:16 -07:00
Tom Eastep
f9327d34e1
Add 'blacklst' to the documented unoptimized chains.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-22 06:58:29 -07:00
Tom Eastep
2e7a0297db
More LOGBURST/LOGRATE clarification.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-21 07:35:38 -07:00
Tom Eastep
a01fa345b7
Add support for UDP Lite
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-16 09:42:50 -07:00
Tom Eastep
a963c8f955
Don't export CONFDIR or SHAREDIR
...
Document CONFDIR, SHAREDIR and VARDIR
Add FILEMODE to the old reserved variable names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 11:46:23 -08:00
Tom Eastep
49c1350aa0
Documentation for final cleanup of variable names
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-03 10:28:09 -08:00
Tom Eastep
2656a9b0c7
Eliminate use of PRODUCT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 12:34:36 -08:00
Tom Eastep
5613d0105a
Remove all reliance on HOSTNAME
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 11:59:38 -08:00
Tom Eastep
55e1124bbe
Update docs regarding VERSION
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 08:18:01 -08:00
Tom Eastep
5fc6d58e19
Eliminate STOPPING variable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-03-02 07:37:30 -08:00
Tom Eastep
53c73bc8e9
Eliminate VERBOSE
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-28 17:58:01 -08:00
Tom Eastep
061d850c16
Rename RESTOREPATH to g_restorepath
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-26 08:35:50 -08:00
Tom Eastep
8aaddf368b
More reserved variable names documented
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-25 12:37:22 -08:00
Tom Eastep
570497766b
Add COMMAND to the list of reserved variable names
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-23 07:18:54 -08:00
Tom Eastep
4320ebb8b0
Add SW_* to the list of reserved variable names
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-23 06:57:29 -08:00
Tom Eastep
efa41d1801
Correct a typo
2010-02-22 08:36:31 -08:00
Tom Eastep
56bcb5ebc4
Remove mention of variable name change from shorewall6-params
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-21 15:19:26 -08:00
Tom Eastep
8c3bb22511
Additions to reserved shell variables
2010-02-21 08:34:21 -08:00
Tom Eastep
c030bc900c
List variable names to be avoided in manpages and config file basics doc.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-19 08:12:56 -08:00
Tom Eastep
4e0225a4c3
Update Documentation for per-IP rate limiting fixes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-18 07:12:36 -08:00
Tom Eastep
433fc385bc
'bridge' implies 'routeback'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-02-09 14:04:36 -08:00
Tom Eastep
add302d02a
Correct typo in manpages
2010-02-09 06:49:30 -08:00
Tom Eastep
76f053246a
Add description of bandwidth specification to the tcinterfaces man pages
2010-02-09 06:42:31 -08:00
Tom Eastep
9408a114c6
Don't load unused modules when LOAD_HELPERS_ONLY=Yes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-25 10:50:49 -08:00
Tom Eastep
f74771a118
More LOAD_HELPERS_ONLY documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-21 20:30:35 -08:00
Tom Eastep
5ae3e239e6
Update manpages for functionality backported from 4.5
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-16 11:51:32 -08:00
Tom Eastep
25d433b36f
Update TRACK_PROVIDER description in the man pages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-14 08:36:22 -08:00
Tom Eastep
ce96bb003e
Update manpages for TRACK_PROVIDERS
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-14 07:48:01 -08:00
Tom Eastep
4420eed8d7
Allow users to preview the generated ruleset.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-12 15:32:50 -08:00
Tom Eastep
4d3887c4f6
Recommend EXPORTPARAMS=Yes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-01-04 16:31:49 -08:00
Tom Eastep
7e3675fb30
Move 4.5 manpage/doc updates to master
2009-12-26 12:40:16 -08:00
Tom Eastep
3bd3defd8e
fix formatting in shorewall6-interfaces(5)
2009-12-24 08:16:29 -08:00
Tom Eastep
d5c695258a
Document 'forward' option in shorewall6-interfaces(5)
2009-12-24 07:58:59 -08:00
Tom Eastep
232423edf8
Fix typo in both 'notrack' manpages
2009-12-11 08:54:35 -08:00
Tom Eastep
4e8d753682
Revert "Finish Virtual Zones"
...
This reverts commit 222c8cf88f
.
2009-11-28 07:20:52 -08:00
Tom Eastep
0b1621027b
Revert "Make 'virtual' a zone type rather than an option"
...
This reverts commit 18eedf7e34
.
2009-11-28 07:19:10 -08:00
Tom Eastep
18eedf7e34
Make 'virtual' a zone type rather than an option
2009-11-27 08:17:18 -08:00
Tom Eastep
222c8cf88f
Finish Virtual Zones
2009-11-26 12:14:58 -08:00
Tom Eastep
d189c08533
Revert "Add 'virtual' zone support"
...
This reverts commit a2cd4bd1f4
.
2009-11-25 11:51:13 -08:00
Tom Eastep
a2cd4bd1f4
Add 'virtual' zone support
2009-11-25 09:42:28 -08:00
Tom Eastep
9d5dd2ad3a
Implement an '-l' option to the 'show' command
2009-11-16 15:14:24 -08:00
Tom Eastep
dd543a2934
Tweak policies display
2009-11-16 09:30:37 -08:00
Tom Eastep
f5a019becc
Implement 'show policies' command
2009-11-15 09:24:56 -08:00
Tom Eastep
a4eb581d44
Document full logical interface implementation
2009-11-11 10:45:01 -08:00
Tom Eastep
1735e168b1
Fix manpages
2009-11-10 15:48:49 -08:00
Tom Eastep
bf8c38e054
Add ZONE2ZONE option to shorewall.conf
2009-11-10 14:12:55 -08:00
Tom Eastep
7014bd3ea0
Add 'physical' interface option for bridge ports
2009-11-06 08:07:13 -08:00
Tom Eastep
7e21488aec
Document ICMP codes
2009-11-05 11:58:54 -08:00
Tom Eastep
4c3b0c7571
Re-word 'limit' description
2009-10-28 11:29:12 -07:00
Tom Eastep
105754823a
Raise max limit to 128
2009-10-26 13:03:26 -07:00
Tom Eastep
f0b4b1f42e
Add limit option to tcclasses
2009-10-26 12:23:32 -07:00
Tom Eastep
d0cda6b6ea
Add TRACK_PROVIDERS option
2009-10-20 13:24:17 -07:00
Tom Eastep
49f361124e
Make 'track' the default
2009-10-20 12:24:28 -07:00
Tom Eastep
904754c074
Correct syntax of TIME column
2009-09-13 07:03:25 -07:00
Tom Eastep
6f54b5ea2f
Formatting in zones manpage
2009-09-11 10:49:49 -07:00
Tom Eastep
02d9888513
Document ipsec4/6
2009-09-10 14:56:39 -07:00
Tom Eastep
b092ba5671
clarify IP_FORWARDING in IPv6
2009-09-04 19:04:03 -07:00
Tom Eastep
a62d86aca7
Update interfaces manpage
2009-08-28 13:45:00 -07:00
Tom Eastep
088e164f18
Redefine 'full' when used in a sub-class definition
2009-08-24 11:56:16 -07:00
Tom Eastep
ff5e95b164
Update manpages to mention mixed type nesting
2009-07-29 15:09:32 -07:00
Tom Eastep
58f0110ad3
Purge more manpages of outdated references
2009-07-15 19:15:52 -07:00
Tom Eastep
73b9f04fc6
Don't allow the -p start/stop option with Shorewall6; remove Shorewall-shell/Shorewall-perl references from the 'shorewall' manpage
2009-07-15 13:47:16 -07:00
Tom Eastep
6c1a500408
Fix typo in 'shorewall6' manpage
2009-07-15 13:08:04 -07:00
Tom Eastep
5044c70230
Remove bizarre sentence from tcclasses man pages
2009-06-20 17:37:09 -07:00
Tom Eastep
eb5fc2c415
Document 'findgw' in the extension script doc
2009-06-17 16:46:20 -07:00
Tom Eastep
f11efc7319
Clarify the -a version option
2009-06-17 12:42:13 -07:00
Tom Eastep
dcb4ca61a5
Add iptrace/noiptrace commands
2009-06-17 12:03:05 -07:00
Tom Eastep
defaa11248
Correct type on the 'rules' manpages
2009-06-12 11:36:52 -07:00