teastep
1beb8c15aa
Generalize the notion of 'exclude list' in the rules file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2503 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-16 00:11:08 +00:00
teastep
dee6d1ad0e
Rework fix for bug in exclusion list processing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2499 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 20:49:06 +00:00
teastep
a2dca45579
Fix bug in exclusion list processing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2498 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 20:25:49 +00:00
teastep
fb9292eb71
Yet another improvement to rules generated for exclusion lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2497 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 20:21:52 +00:00
teastep
f6565e19a0
More improvements to rules generated for exclusion lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2496 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 20:16:34 +00:00
teastep
0f7def6c67
Improve rules generated for exclusion lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2495 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 18:33:51 +00:00
teastep
42ee8d0c19
Finally implement exclude lists in rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2493 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 17:35:45 +00:00
teastep
5df7bc0538
Remove sub-zone exclusion feature in preparation for implementing true exclude lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2492 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-15 16:04:39 +00:00
teastep
e075e8c3e2
Fix 'Packet type match' availability reporting with PKTTYPE=No
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2491 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-14 19:26:17 +00:00
teastep
999c74bf03
Generate an error when 'norfc1918' is specified for an interface with an RFC 1918 IP address
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2489 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-14 16:45:48 +00:00
teastep
ea1bf1a7c8
Make the calling sequence of 'build_exclusion_chain' more rational
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2488 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-13 21:39:34 +00:00
teastep
daef55a295
Back out ill-advised tcrules portlist patch
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2486 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-12 23:57:35 +00:00
teastep
1625a7c4f3
Allow port lists in tcrules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2484 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-12 22:11:30 +00:00
teastep
370d61970a
Add FASTACCEPT option to accept ESTABLISHED/RELATED packets early
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-11 19:53:07 +00:00
teastep
ed2076a0fc
Fix problem with exclusion lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2469 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-11 01:40:50 +00:00
teastep
24dc05e6b7
Fix a couple of bugs
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2459 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-07 00:17:29 +00:00
teastep
e2253d6092
Install the Makefile -- Patch by Cristian Rodriquez
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2458 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-06 16:58:18 +00:00
teastep
39ca0828db
Infrastructure for Unified Handling of Exclude Lists
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2457 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-05 15:52:03 +00:00
teastep
bba152b119
Don't generate redundant ACCEPT rules for DNAT/REDIRECT/SAME
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2456 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-05 14:13:45 +00:00
teastep
f56e907907
Correct typo in /etc/shorewall/policy; Allow "all+" in SOURCE/DEST in /etc/shorewall/rules to enable intra-zone traffic
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2454 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-04 20:24:23 +00:00
teastep
1b1af2fc65
Remove some dead code and reduce confusion amoung those who read the code (including me)
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2450 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-02 21:06:05 +00:00
teastep
ac1983a5da
Large cleanup patch from Tuomo Soini
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-02 16:46:30 +00:00
teastep
3f748212d6
Globalize shorewall_is_started()
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2443 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-01 20:35:28 +00:00
teastep
c66159abee
capitalize 'terminator' variable; duplicate PREROUTING connmark logic in OUTPUT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2441 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-01 17:17:24 +00:00
teastep
9feb547b6e
/sbin/shorewall status rework -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-29 18:32:50 +00:00
teastep
48502e75bb
Fix 'status' command in /usr/share/shorewall/firewall; try to make release notes clearer
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2429 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-28 20:22:25 +00:00
teastep
5f37ce46bf
Fix typo which broke use of arping
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2426 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 22:41:52 +00:00
teastep
5f58eac0f7
Optimize use of 'arping'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2423 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 22:13:25 +00:00
teastep
6c8b63bfe0
Remove dependence on 'which'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2421 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 20:30:16 +00:00
teastep
9a42f57a6a
Allow 'ipsec' in /etc/shorewall/hosts to work in the presence of dynamic zones
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 17:29:20 +00:00
teastep
b66929a65e
Large merge of function from EXPERIMENTAL to HEAD.
...
1) Elimination of the "shorewall monitor" command.
2) The /etc/shorewall/ipsec and /etc/shorewall/zones file are combined into
a single /etc/shorewall/zones file. This is done in an upwardly-compatible
way so that current users can continue to use their existing files.
3) Support has been added for the arp_ignore interface option.
4) DROPINVALID has been removed from shorewall.conf. Behavior is as if
DROPINVALID=No was specified.
5) The 'nobogons' option and BOGON_LOG_LEVEL are removed.
6) Error and warning messages have been made easier to spot by using
capitalization (e.g., ERROR: and WARNING:).
7) The /etc/shorewall/policy file now contains a new connection policy and a
policy for ESTABLISHED packets. Useful for users of snort-inline who want to
pass all packets to the QUEUE target.
8) A new 'critical' option has been added to /etc/shorewall/routestopped.
Shorewall insures communication between the firewall and 'critical' hosts
throughout start, restart, stop and clear. Useful for diskless firewall's
with NFS-mounted file systems, LDAP servers, Crossbow, etc.
9) Macros. Macros are very similar to actions but are easier to use, allow
parameter substitution and are more efficient. Almost all of the standard
actions have been converted to macros in the EXPERIMENTAL branch.
10) The default value of ADD_IP_ALIASES in shorewall.conf is changed to No.
11) If you have 'make' installed on your firewall, then when you use
the '-f' option to 'shorewall start' (as happens when you reboot),
if your /etc/shorewall/ directory contains files that were modified
after Shorewall was last restarted then Shorewall is started using
the config files rather than using the saved configuration.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2409 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-25 23:08:09 +00:00
teastep
89eaf99906
Pretty up the output of 'show actions'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2403 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-24 16:49:02 +00:00
teastep
aaecd53a29
Add 'shorewall show actions command'
...
Make it possible for the 'stopped' extension script to save commands in
the 'restore-tail' file by calling 'run_and_save_command' and
'save_command'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2401 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-24 16:27:21 +00:00
teastep
f3ea3c7edb
Avoid annoying 'ipset:not found' message
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2392 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-22 22:24:28 +00:00
teastep
fbabd7d6ef
Obviate the need for 'loose'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2389 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-21 19:48:33 +00:00
teastep
ca8e5631d3
Make \!<address> work in the SUBNET column of the masq file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2374 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-20 01:10:28 +00:00
teastep
687704eff2
Add 'loose' provider option; add COPY column to providers file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2370 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-18 22:40:26 +00:00
teastep
318e204358
Re-implement MACLIST_TTL
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-17 22:08:15 +00:00
teastep
c6e3e84352
Disable MACLIST_TTL
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-17 16:52:21 +00:00
teastep
1b5ac5c7d3
Make /sbin/shorewall issue a warning whenever startup is disabled
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2348 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-15 20:50:01 +00:00
teastep
379b58f628
A better patch to avoid blocking DHCP broadcasts during MAC verification
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2330 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-13 15:26:51 +00:00
teastep
ef9d22b647
Avoid blocking DHCP broadcasts during MAC verification
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2327 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-13 14:29:52 +00:00
teastep
d050552a36
Make TCPFLAGS_LOG_LEVEL=ULOG work with iptables-1.3.2.
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2322 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-12 00:42:08 +00:00
teastep
7d924c3b82
A couple of little buglets. 1) detect duplicate tracked interface in providers file; 2) don't permit destination interface in PREROUTING marking rule
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2315 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 23:23:45 +00:00
teastep
d11dc2b58a
Apply Cristian's patch for default route after reboot
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2305 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 20:12:49 +00:00
paulgear
4f8bbb5866
Copy latest development version from Shorewall2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2269 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 06:13:05 +00:00
paulgear
2a19eb8a5a
Copy latest 2.4 version from Shorewall2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2264 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:55:29 +00:00
paulgear
90dd62e89e
Copy latest 2.2 version from STABLE2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2263 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:45:05 +00:00
paulgear
921a7223d4
Copy latest 2.0 code from STABLE2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2262 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 04:45:32 +00:00
teastep
ccd528ec8c
Shorewall 1.4.10d +
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1216 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-03-20 15:40:06 +00:00
teastep
d711731678
Fix multiple excluded zone handling in DNAT/REDIRECT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1181 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-03-04 15:24:59 +00:00
teastep
7f19ec0c73
Fix another masq file bug
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1131 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-09 20:46:22 +00:00
teastep
76c135e123
Shorewall-1.4.10a
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1129 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-08 20:36:46 +00:00
teastep
6ae5a4eb93
Fix problem in masq file parsing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1124 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-05 20:19:29 +00:00
teastep
97ea8c60d7
Fix problem in masq file parsing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1123 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-05 20:13:24 +00:00
teastep
f67cb1eab8
Fix PROTO fix fix
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1098 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-29 23:29:50 +00:00
teastep
304a502d38
Fix PROTO fix
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1097 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-29 23:24:30 +00:00
teastep
76b5918a13
Fix handling of 'all' or '-' in the PROTO column of an action file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1096 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-29 19:11:51 +00:00
teastep
d116d04fb8
Don't add broadcasts to /0 groups
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1095 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-28 00:52:03 +00:00
teastep
b4d0cbd1b1
Don't feed the smurfs
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1093 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-27 22:33:32 +00:00
teastep
3a82d46762
1.4.10 RC2 and fixes for broadcast rejects, ratelimiting and CONTINUE rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1092 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-27 21:16:07 +00:00
teastep
2e80e459bb
RC1 and 'detectnets' option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1089 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-23 23:48:30 +00:00
teastep
22df211052
Applied Fr�d�ric LESPEZ's patch for packet marking by user/group id
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1088 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 20:24:56 +00:00
teastep
58ac5fd852
Correct messages generated out of setup_masq()
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1087 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 16:59:40 +00:00
teastep
c07e450d5a
Refine masq destination list code
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1086 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 03:27:03 +00:00
teastep
d362f734d9
Destination exclude list in masq file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1085 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-22 02:06:56 +00:00
teastep
0c6299465d
Fix SNAT handling in DNAT rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@869 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-16 21:52:37 +00:00
teastep
9763f0caf3
Allow actions to be used in other actions
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@809 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-07 18:15:55 +00:00
teastep
7a7597466d
Clean up Action Change
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@806 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-05 20:34:01 +00:00
teastep
90263f43af
Add user-defined Actions
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@801 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-04 02:01:08 +00:00
teastep
380b8e2ce8
Add MODULE_SUFFIX option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@797 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-01 16:10:08 +00:00
teastep
9fde389c31
Log 'norfc1918'
...
packets out of 'rfc1918' chains
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@792 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-27 18:39:11 +00:00
teastep
a3eaa7f9af
Rework ip_forward handling; update release file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@791 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-27 18:24:57 +00:00
teastep
80981e802e
Fix NONE policy validation and 'routeback' for wildcard interfaces
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@786 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-08 02:38:30 +00:00
teastep
306ca3718f
Correct handling of broadcast addresses in MAC verification
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@784 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-31 15:30:07 +00:00
teastep
f046ea3ab1
Fix route filtering
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@782 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-30 15:42:45 +00:00
teastep
0f72f92c48
Another fix for <zone>_frwd chains
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@780 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-26 16:22:01 +00:00
teastep
5448a9cc38
Expand chain naming
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@777 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-25 00:54:01 +00:00
teastep
20a23dc925
Re-add optimization for complex zones
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@771 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-19 14:57:48 +00:00
teastep
1fd0345510
Re-add optimization for complex zones
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@769 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-15 18:34:05 +00:00
teastep
ff2b9ce193
Remove 'complex zone' optimization
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@768 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-15 18:17:23 +00:00
teastep
67ad01a56f
Added BLACKLISTNEWONLY
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@765 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-11 16:06:00 +00:00
teastep
55ddfb8c78
Fix error handling after 'Unable to determine the routes...'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@764 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-10 03:00:26 +00:00
teastep
97825f937c
Clean up QUEUE target code
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@763 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-09 22:33:44 +00:00
teastep
c80dacd86a
p2pwall integration
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@762 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-09 21:26:08 +00:00
teastep
3d7df0dd62
Correct icmp fix
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@761 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-08 18:45:26 +00:00
teastep
5b54d21d07
Don't use multiport match on ICMP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@760 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-08 15:07:18 +00:00
teastep
9a51cb0b60
Merge Tuomo Soini's fix for /bin/ash
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@758 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-08 14:53:26 +00:00
teastep
f30faa416f
Fix user/group name and qualified destination
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@752 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-03 14:39:34 +00:00
teastep
5d489f01f9
Change 'logunclean' messages to reflect LOG disposition
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@750 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-02 04:48:30 +00:00
teastep
45e63c15ac
Blacklist before DHCP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@749 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-01 00:07:14 +00:00
teastep
2e4f97175d
Correct handling of missing common.def file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@748 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-27 14:54:16 +00:00
teastep
f88241a6f1
Fix rules file processing with missing policy
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@747 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-26 21:34:16 +00:00
teastep
ddb925c133
Reword error message
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@745 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-22 21:44:22 +00:00
teastep
9f14855704
Allow user:group in USER SET column of rules file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@744 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-19 19:42:05 +00:00
teastep
a18c573868
Beta 2 plus fix proxy ARP routes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@738 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-09-16 19:44:49 +00:00
teastep
bb20363bb2
Fix for IPV6 addresses and the 'ip' utility
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@735 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-28 18:02:59 +00:00
teastep
5e8a20b455
Fix adding range of aliases
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@733 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-27 19:37:53 +00:00
teastep
47b75c3c87
Correct backout of Smart Blacklisting
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@729 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-25 02:02:44 +00:00
teastep
29ae535021
Correct backout of Smart Blacklisting
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@728 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-25 01:49:34 +00:00
teastep
41de5afd06
Decommit per-interface dynamic blacklisting; warnings on 'unclean' dependencies
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@726 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-24 01:24:23 +00:00
teastep
54569f4782
Userset fix and logging fixes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@724 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-23 18:14:59 +00:00
teastep
3ee26da51c
Henry Yang's patch plus fix LOGRATE/ratelimit conflict on rules file logging
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@723 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-22 15:27:08 +00:00
teastep
90b5b607a6
Allow chains with IP addresses as names
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@721 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-21 13:18:51 +00:00
teastep
e58b08c4b7
Redesign Accounting
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@720 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-20 16:54:27 +00:00
teastep
b5c9917c79
Add RATE LIMIT column; allow multiple chains in a 'show' command
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@718 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-15 15:54:13 +00:00
teastep
b68171cc23
Better fix for generic firewall parsing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@714 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-14 13:57:09 +00:00
teastep
3458f3e0f4
Fix generic firewall parsing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@713 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-14 02:08:51 +00:00
teastep
d55bcfca0b
Rate Limiting in Rules - Part 7
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@711 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 21:31:02 +00:00
teastep
8d9ec49a6b
Rate Limiting in Rules - Part 4
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@708 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 18:51:18 +00:00
teastep
e454c7fe73
Rate Limiting in Rules - Part 3
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@707 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 18:48:28 +00:00
teastep
88dbd252af
Rate Limiting in Rules - Part 1
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@705 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 17:07:05 +00:00
teastep
552d738579
Allow bridge devices in /etc/shorewall/maclist
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@704 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-13 00:19:24 +00:00
teastep
a1c1785048
Allow degenerate rules; replace 'chain_exists' with 'havechain' in accounting code
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@701 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-11 17:44:23 +00:00
teastep
ab073a41a4
Added CHAIN declarations
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@698 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-11 01:36:32 +00:00
teastep
24ed025834
Conditionally create accounting chain
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@697 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:22:19 +00:00
teastep
347ed2f629
Conditionally create accounting chain
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@696 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:19:36 +00:00
teastep
7cb2d841aa
Conditionally create accounting chain
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@695 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:12:30 +00:00
teastep
ac8585b68a
Complete accounting support
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@694 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 16:01:21 +00:00
teastep
1144d736bf
Correct bug in accounting file processing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@693 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 15:06:23 +00:00
teastep
3c24144487
Add IP accounting
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@692 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-10 01:11:50 +00:00
teastep
b235cd19e1
Add arp_filter interface option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@690 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-08 20:55:06 +00:00
teastep
4192870cb2
Add support for range lists in /etc/shorewall/masq
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@687 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-06 23:50:33 +00:00
teastep
c8b9cbfd35
Generic tunnels
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@686 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-06 00:06:44 +00:00
teastep
b2729de062
Fix adding addresses to P-T-P devices
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@683 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-05 15:05:45 +00:00
teastep
4c08cc4780
ADMINISABSENTMINDED Option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@681 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-29 23:04:04 +00:00
teastep
617c0d311e
Remove braindead code; prevent 'stop' when 'start' is disabled
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@680 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-28 17:32:41 +00:00
teastep
f7ea7cdd41
Snapshot 1.4.6_20030726
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@678 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-26 16:44:38 +00:00
teastep
a63d259b40
Move call to determine_capabilities so that MANGLE_ENABLED is set before it is tested
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@674 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-22 14:25:36 +00:00
teastep
9188253bd4
{
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@670 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-21 22:02:34 +00:00
teastep
afd7840558
Suppress DHCP message when there are no DHCP rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@666 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-18 23:12:34 +00:00
teastep
c89d302114
Streamline module loading
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@663 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-16 03:22:45 +00:00
teastep
0c8365f7bb
Support 2.6 compressed modules; add chain name to policy display in 'check' command
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@662 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-16 03:07:38 +00:00
teastep
defe814ca5
More rule processing fixes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@659 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 20:25:03 +00:00
teastep
8dce6e9522
More rule processing fixes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@658 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 20:16:24 +00:00
teastep
528c7b549a
More rule processing fixes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@657 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 19:51:25 +00:00
teastep
31f6e580e4
More rule processing fixes
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@656 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 19:43:32 +00:00
teastep
94ceb711b7
Fix exclude zone processing in DNAT and REDIRECT rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@655 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 16:44:35 +00:00
teastep
5b03f63961
Fix exclude zone processing in DNAT and REDIRECT rules
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@654 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-14 16:20:45 +00:00
teastep
cf62edd5ca
Add local variable to find_hosts_by_option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@648 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 16:27:40 +00:00
teastep
ed899188f8
Allow address lists in /etc/shorewall/hosts entries
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@647 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 16:10:23 +00:00
teastep
c615aa868a
Allow address lists in /etc/shorewall/hosts entries
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@646 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-06 15:31:26 +00:00
teastep
045318946f
Reword error message to use terminaolgy from documentation
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@640 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 20:49:23 +00:00
teastep
3c5dd9167f
Remove duplicate pattern in case statement
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@639 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 20:36:03 +00:00
teastep
a4183f21fe
Add empty variable for 'call' command
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@638 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 19:52:34 +00:00
teastep
24d864d427
Fix my application of Simon Matter's Patch
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@637 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 18:17:40 +00:00
teastep
678e23918b
Add undocumented 'call' commands to /sbin/shorewall and /usr/share/shorewall/firewall
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@635 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 17:55:43 +00:00
teastep
17a7a0492d
Take care of some ipcalc anomalies
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@634 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 17:41:28 +00:00
teastep
b1b3d09473
Move IP Address Manipulation Functions to /usr/share/shorewall/functions
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@631 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-05 16:24:41 +00:00
teastep
9a6c36c146
Remove requirement for XOR
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@626 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-04 15:08:29 +00:00