Commit Graph

128 Commits

Author SHA1 Message Date
teastep
63dc4470ca Reimplement IPSEC MSS setting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1695 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-15 20:00:48 +00:00
teastep
2caf2acd88 Add MSS field to ipsec file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1693 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-15 18:46:27 +00:00
teastep
c3d2f62460 Detect duplicate zone names
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1691 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-14 22:31:52 +00:00
teastep
d60d81ca35 Allow CLAMPMSS to set an explicit MSS value
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1679 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-13 00:42:26 +00:00
teastep
3b2535619e Fix a typo and add clarification to the blacklist file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1676 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-12 14:56:15 +00:00
teastep
cbe3463629 Correct logmartians handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1675 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-11 21:16:48 +00:00
teastep
d34d2e1393 Handle traffic from IPSEC hosts before traffic from non-IPSEC zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1669 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-09 00:06:45 +00:00
teastep
acc389ff68 Add AllowICMPs action and invoke from Drop and Reject
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1668 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-08 00:17:55 +00:00
teastep
aeb3d2cea2 Add AllowICMPs action and invoke from Drop and Reject
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1666 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-07 22:56:35 +00:00
teastep
ce9fa5ae75 Add 'sourceroute' interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1658 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-03 00:44:12 +00:00
teastep
63c16312dd Merge tcrules clarification from 2.0.10
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1654 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-30 15:30:16 +00:00
teastep
7a74380f7e Fix log rule number generation and implement LOGTAGONLY
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1649 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-25 17:18:25 +00:00
teastep
eb06f44604 Merge 'brctl show' change from 2.0.9
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1639 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-23 22:11:10 +00:00
teastep
d8d466530f Fix DELAYBLACKLISTLOAD=No
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1637 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-23 14:30:54 +00:00
teastep
e330130881 Avoid double-setting proxy arp flags
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1630 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-16 19:30:54 +00:00
teastep
b28d49a397 DELAYBLACKLISTLOAD
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1623 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-15 20:04:36 +00:00
teastep
0a87d4db6a Allow bang range; relax OpenVPN source port restriction
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1621 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-13 22:16:15 +00:00
teastep
ec8e01d09c Add RETAIN_ALIASES option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1620 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-11 16:16:34 +00:00
teastep
4ea801abb5 Fix complex proxy arp handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1618 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-10 21:41:10 +00:00
teastep
247b48533c Remove 'logunclean' and 'dropunclean'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1615 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-09 20:42:50 +00:00
teastep
6f48c5e030 Fixes for iprange implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1614 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-09 20:18:49 +00:00
teastep
23364290ae Update for 2.1.8
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1611 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-08 20:40:30 +00:00
teastep
5cf57190fb Fix shorewall.spec so that Shorewall will start up at boot
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-06 23:46:26 +00:00
teastep
b86d3f03d9 Don't NAT tunnel traffic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1605 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-06 19:58:10 +00:00
teastep
0649e6ad70 Verify physdev match if BRIDGING=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1602 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-05 23:43:08 +00:00
teastep
3ede79187f Fix tcrules PROTO processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1593 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-02 17:12:39 +00:00
teastep
8aab6ce8c6 Apply Richard Musil's patch
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1589 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-29 17:21:16 +00:00
teastep
d7116bf2df Include params file on restore
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1582 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-27 01:36:07 +00:00
teastep
daae61131e Add user accounting; add SNAT/MASQ port remapping
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1579 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-26 20:59:39 +00:00
teastep
d282947ccf Add IN and OUT SA options
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1561 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-20 15:37:56 +00:00
teastep
83ad53d6bf Deprecate the -c option in /sbin/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1560 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-19 22:22:49 +00:00
teastep
16487eb51a New IPSEC Options
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1554 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-18 22:29:09 +00:00
teastep
4292ef2e98 Fix policy and maclist
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1547 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-16 18:00:53 +00:00
teastep
af8baff5cb Apply policy to interface/host option rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1546 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-16 16:28:44 +00:00
teastep
fae7312553 Relax source port = 500 ISAKMP restriction
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1538 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 19:03:10 +00:00
teastep
24e6d1191d IPSEC 2.6 Fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1537 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 18:39:09 +00:00
teastep
a193b7bbba Remove SNAT in DNAT rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1532 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-11 00:17:54 +00:00
teastep
3aff092003 Add DNAT ONLY column to /etc/shorewall/nat
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1531 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-10 20:18:15 +00:00
teastep
d8a733aac0 Bring forward some changes from 2.0.8; Improve error messages; Implement STARTUP_ENABLED
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1519 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-02 21:48:40 +00:00
teastep
24981b9624 Action logging infrastructure
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1499 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-26 20:57:02 +00:00
teastep
a95025686d Fix multiple blacklist interface bug
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1498 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-25 23:26:52 +00:00
teastep
3e90e68a7a All Shorewall config files except shorewall.conf are now empty
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1494 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-24 22:17:13 +00:00
teastep
c17a49ff86 All Shorewall config files except shorewall.conf are now empty
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1493 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-24 22:14:58 +00:00
teastep
5fa329c658 Enhance status IP/routing output
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1490 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-21 18:57:45 +00:00
teastep
0ca314fa36 Fix syntax error in setup_nat()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1486 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-19 13:50:14 +00:00
teastep
997c722946 Allow overriding ADD_IP_ALIASES
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1480 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-15 20:29:06 +00:00
teastep
5de1720a9e SNAT Enhancements
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1471 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-13 00:33:30 +00:00
teastep
081bd461a2 PKTTYPE ported from 2.0.6
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1470 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-12 13:01:55 +00:00
teastep
da3e9e46db Fix more $RESTOREBASE bugs; fix COMMAND typos
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1462 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-10 17:03:31 +00:00
teastep
2b3606dd25 Fix logging nat rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1455 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-06 20:41:53 +00:00