Tom Eastep
6908a4bcf7
Issue warning when ULOG is used.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-12-14 09:00:42 -08:00
Tom Eastep
be2110b47e
Revert "Remove ULOG support"
...
This reverts commit 061ce3d781
.
2018-12-14 08:54:07 -08:00
Tom Eastep
ad6401da8c
Cleanup of Config.pm
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-12-13 15:32:39 -08:00
Tom Eastep
668cb6deda
Make 'status -i' work when there are no providers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-12-11 13:44:31 -08:00
Tom Eastep
8ed644a0ec
Correct HELPER requires error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-11-28 11:00:41 -08:00
Tom Eastep
86b82c53cf
Correct HELPER requires error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-11-28 10:59:53 -08:00
Tom Eastep
061ce3d781
Remove ULOG support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-11-15 14:59:29 -08:00
Tom Eastep
45f8d31021
Don't try to load ipt_ULOG
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-11-15 14:33:25 -08:00
Tom Eastep
03d2088cf7
Implement SW_CONFDIR support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-11-06 15:40:26 -08:00
Tom Eastep
6534201284
Fix assertion failure during 'check -r' when DOCKER=Yes
...
- avoid unnecessary mode transitions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-31 15:30:03 -07:00
Tom Eastep
282ca14182
Corrections to DOCKER-ISOLATION change
...
- Handle DOCKER-USER
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-28 09:20:47 -07:00
Tom Eastep
4b7d346911
Merge branch '5.2.1'
2018-10-27 09:11:00 -07:00
Tom Eastep
131a2cd40d
Accommodate Docker version 18.06
...
- Optionally replace DOCKER-ISOLATION with DOCKER-ISOLATION-STAGE-1 and -2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-27 09:04:34 -07:00
Tom Eastep
ae90ab1f68
Add version of Jeremie Courreges-Anglas's <jca@tranquil.it> patch
...
- Handle case where we are enabling/disabling a balanced/fallback provider
and another such provider has lost carrier.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-11 15:18:47 -07:00
Tom Eastep
5e57c895b3
Avoid emacs issues with compiled code
...
- handle embedded spaces in moduledir path names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-09 14:47:36 -07:00
Tom Eastep
aab1df7421
Correct ip[6]tables-restore failure message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-06 08:22:46 -07:00
Tom Eastep
9f3cc88cf0
Prevent invalid code generation with SNAT(detect)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-10-02 08:15:20 -07:00
Tom Eastep
aaa80882a0
Add Eric Teeter's Cockpit macro
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-09-28 09:43:55 -07:00
Tom Eastep
1b6de901e0
Merge branch '5.2.0'
2018-08-24 15:33:16 -07:00
Tom Eastep
56780a5d1f
Apply rate limiting in the nat table on nat+accept rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-24 15:31:20 -07:00
Tom Eastep
22c1bc2e9c
Apply rate limiting in the nat table on nat+accept rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-23 14:07:10 -07:00
Tom Eastep
5048e68cb5
Correct IPv4 examples in shorewall-blrules(5)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-13 19:21:03 -07:00
Tom Eastep
2d2ded7efc
Merge branch '5.2.0'
2018-08-07 07:46:29 -07:00
Tom Eastep
5e8fd570d1
Prepare for Perl 5.32
...
- Escape '{' in REs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-07 07:43:58 -07:00
Tom Eastep
82e84f724d
Use -h rather than -L for checking a symlink
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-01 13:58:35 -07:00
Tom Eastep
7c31f70dc8
Use '=' rather than '&' to create UNTRACKED rule chains.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-01 13:50:20 -07:00
Tom Eastep
f1eafdc314
Use '=' rather than '&' to create UNTRACKED rule chains.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-08-01 13:48:29 -07:00
Tom Eastep
c195bab01d
Correct handling of a provider interface that matches a wildcard.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-29 20:34:02 -07:00
Tom Eastep
d829093caa
Use -h rather than -L for checking a symlink
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-26 13:57:10 -07:00
Tom Eastep
0d682fe78b
Disallow optional shared providers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-19 09:57:06 -07:00
Tom Eastep
410a20dda3
Make shared interface and 'load=<load-factor' play nice together
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-17 13:25:26 -07:00
Tom Eastep
0685d0edfd
Fix rate limiting
...
- Avoid specifying a timeout when the match is '-m limit'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-15 08:57:43 -07:00
Tom Eastep
474604b1fe
Correct source interface exclusion
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-04 08:01:27 -07:00
Tom Eastep
6fef1f34ba
Correct links in manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-03 15:31:14 -07:00
Tom Eastep
93f0183550
Tweak do_ratelimit()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-03 14:22:30 -07:00
Tom Eastep
a42972644c
Allow specification of 'hashlimit' table sizes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-02 14:14:36 -07:00
Tom Eastep
b271c52603
Update RATE column documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-02 14:10:53 -07:00
Tom Eastep
49514e2d58
Allow specification of ht buckets and max entries in RATE columns
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-02 10:23:36 -07:00
Tom Eastep
a265685e20
Allow specification of VLSM in the RATE columns
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-07-02 09:08:45 -07:00
Matt Darfeuille
442e6ac152
Update version to 5.2
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-23 09:09:00 -07:00
Matt Darfeuille
14e5a2d5ca
Be more verbose in progress messages
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-23 09:02:18 -07:00
Tom Eastep
780eb0402c
Update manpages for interface exclusion
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-15 08:23:35 -07:00
Tom Eastep
bfb9852eb6
Allow MARK, CONNMARK, SAVE and RESTORE in the nat table
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-14 10:01:12 -07:00
Tom Eastep
a8b6a301f2
Revert "MARK and CONNMARK in the snat file"
...
This reverts commit e36547f8be
.
2018-06-14 07:58:33 -07:00
Tom Eastep
150f7ab798
Allow specification of the TPROXY mark in CONNMARK and MARK.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-14 07:58:06 -07:00
Tom Eastep
b11d63a7bd
More manpage corrections
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-11 08:54:34 -07:00
Tom Eastep
84b283533b
Correct dangling link
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-11 08:52:07 -07:00
Tom Eastep
e36547f8be
MARK and CONNMARK in the snat file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-10 16:34:55 -07:00
Tom Eastep
0632723a6c
Support interface exclusion
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-10 12:02:19 -07:00
Tom Eastep
43543b5c32
Clean up shorewall-addresses(5)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-06-10 12:00:54 -07:00
Tom Eastep
ffc5a3c7df
Add ALT Linux support by Alexey Shabalin <sha-ba@mail.ru>
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-29 08:13:26 -07:00
Tom Eastep
b6d1293b2e
Merge branch '5.2.0'
2018-05-20 14:48:40 -07:00
Tom Eastep
ec21b03c5b
Correct handling of dbl=src_dst in interface OPTIONS
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-18 10:18:09 -07:00
Tom Eastep
25dcf8c5d6
Check for linkdown in interface_is_usable() rather than ..._is_up().
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-18 07:56:06 -07:00
Tom Eastep
c02b71b530
Correct interface_is_up() to look for the 'state' as well as 'UP'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-12 08:09:46 -07:00
Tom Eastep
78269d57bc
Handle missing AUTOMAKE
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-10 11:12:23 -07:00
Tom Eastep
fc91648315
Avoid split_line2 confusion when processing a raw line
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-10 09:30:02 -07:00
Tom Eastep
067f435ac5
Update BLACKLIST_DEFAULT if Drop or Reject
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-06 13:31:54 -07:00
Tom Eastep
07654d8f8d
Fix 'compile -c'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-05 13:26:58 -07:00
Tom Eastep
b5e8f9bd50
Restore the read_yesno_with_timeout() function
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-04 08:52:40 -07:00
Tom Eastep
f9995a9515
New manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-04 08:47:33 -07:00
Tom Eastep
9c950082f6
Add new IPFS macros
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-05-04 08:45:39 -07:00
Tom Eastep
65e174a073
Add IPFS macros from Răzvan Sandu <razvan.sandu@mobexpert.ro>
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-04-21 09:05:48 -07:00
Tom Eastep
66edd76b10
Correct typo in patch merged from 5.1.12
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-04-15 08:46:05 -07:00
Matt Darfeuille
99be0ce970
Use a function to load configuration files
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-04-14 13:06:54 -07:00
Tom Eastep
98d5bf8f55
Correct 'reset' handling in 'IfEvent'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-04-13 09:22:29 -07:00
Tom Eastep
c59ff50de4
Process params file in remote_capture()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-04-13 08:49:35 -07:00
Matt Darfeuille
3df5c032da
Be more verbose when executing remote commands
...
- Reword progress messages
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-04-12 11:12:39 -07:00
Tom Eastep
90df607d79
Finish removal of 'refresh command'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-30 15:30:34 -07:00
Tom Eastep
5e2f1f573d
Unconditionally convert masq->snat
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-27 11:38:47 -07:00
Tom Eastep
011322992e
Revert "Delete masq file processing"
...
This reverts commit 609ee8dea2
.
2018-03-27 11:08:33 -07:00
Tom Eastep
47a96e9ff9
Delete masq file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-26 15:57:49 -07:00
Tom Eastep
4a1d8ba0f9
delete shorewall-masq.xml
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-26 15:56:11 -07:00
Tom Eastep
7c99059a66
Supersede the masq file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-26 15:53:07 -07:00
Tom Eastep
609ee8dea2
Delete masq file processing
...
- Automatically convert the masq file if it exists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-26 11:40:22 -07:00
Matt Darfeuille
299ea2b41f
Update version to 5.2
...
- Remove unneeded punctuation marks
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-24 09:53:02 -07:00
Tom Eastep
32f1ae1992
Make &lo work correctly
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-19 18:23:19 -07:00
Matt Darfeuille
47a59cdd7c
Add and document the remote-getcaps command
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-18 17:36:38 -07:00
Matt Darfeuille
676ca872d6
Add and document the remote-getrc command
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-18 17:36:33 -07:00
Matt Darfeuille
ef28208c0e
Use a more consistent name for function definition
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-18 17:36:20 -07:00
Matt Darfeuille
cdeb82bdab
Improve when to capture capabilities
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-18 17:35:42 -07:00
Tom Eastep
3be071ca3d
Up the INCLUDE depth limit to 20
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-12 14:39:53 -07:00
Tom Eastep
6f6abfc8cd
Clarify the processing of the params file in shorewall-params(5)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-08 08:51:36 -08:00
Tom Eastep
f99f3539d1
Recommend using the link-level IP of upstream IPv6 routers.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-05 16:42:15 -08:00
Tom Eastep
e08e239c00
Implement AUTOMAKE=recursive
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-03 15:50:56 -08:00
Tom Eastep
02ed6f26a9
Allow AUTOMAKE=<depth> to specify search depth
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-03-03 13:04:48 -08:00
Tom Eastep
9e002a7689
Be sure that mutex is released when exiting
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-28 13:38:30 -08:00
Tom Eastep
34c5441768
Apply optimize category 16 again after 8 if 8 did anything
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-27 14:17:21 -08:00
Tom Eastep
c3d8cba042
Reverse the order of optimize 8 and optimize 16 application
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-23 15:01:47 -08:00
Tom Eastep
8bc97bcd35
Replace ${VARDIR}/firewall with $g_firewall in CLI
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-23 12:40:14 -08:00
Tom Eastep
c1a74b54fc
Implement RENAME_COMBINED
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-22 12:49:55 -08:00
Tom Eastep
88547f5140
Handle two-chain case when LOG_ZONE != 'Both'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-22 11:25:19 -08:00
Tom Eastep
4a714b3ab9
More INLINE_MATCHES changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
# Conflicts:
# Shorewall/manpages/shorewall-mangle.xml
# Shorewall/manpages/shorewall-rules.xml
2018-02-21 15:15:23 -08:00
Tom Eastep
7ad7598d5b
Implement LOG_ZONE
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-20 15:31:31 -08:00
Tom Eastep
4dfc6d90b9
Add 'logname' member to chain table entries.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-20 11:04:50 -08:00
Tom Eastep
0cb4a5c202
Correct "Invalid Policy Action" error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-19 10:04:18 -08:00
Tom Eastep
9a83365986
Remove the USEPKTTYPE capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-16 11:20:00 -08:00
Tom Eastep
db4a26cfa9
'update' changes for V5.2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-13 09:21:15 -08:00
Tom Eastep
95e956c913
Complete removal of INLINE_MATCHES
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-13 09:20:31 -08:00
Tom Eastep
5e3795b5a4
Delete support for single semicolon in INLINE and IP[6]TABLES rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-12 19:12:03 -08:00