Tom Eastep
6db8748ee8
Don't show IPv6 cached routes unless asked.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-26 11:57:18 -08:00
Tom Eastep
5520a6d31d
Validate helper<->protocol
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-24 09:24:01 -08:00
Tom Eastep
97354c8ce8
Detect CT_TARGET when LOAD_HELPERS_ONLY=No
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-23 11:59:51 -08:00
Tom Eastep
e8c7ec38dc
Allow netstat output to appear in dumps on Fedora
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-23 11:59:19 -08:00
Tom Eastep
b58ad8e758
Be sure to delete fooX chain on errors in determine_capabilities()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-23 10:55:08 -08:00
Tom Eastep
0e3ad6ff91
Omit the chain designator from an error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-23 07:51:12 -08:00
Tom Eastep
1c535ee0f9
Correct handling of a chain designator in CLASSIFY rules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-23 07:44:16 -08:00
Tom Eastep
3081ab1da1
Correct RELATED_DISPOSITION error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-22 15:51:50 -08:00
Tom Eastep
ce735e9415
Allow a chain designator in CLASSIFY rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-22 15:41:16 -08:00
Tom Eastep
e93dbdcb99
Stop generation of superfluous routing rules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-21 08:01:25 -08:00
Tom Eastep
ea8efd1c44
Correct 'show ipa'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-21 07:25:20 -08:00
Tom Eastep
c03fe0a076
Implement USE_LOGICAL_NAMES.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-20 16:03:56 -08:00
Tom Eastep
3e72442954
Convert sample notrack files to FORMAT 2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-20 14:38:44 -08:00
Tom Eastep
0d4a6c1c28
Replace SHOREWALL_DIR with g_shorewalldir
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-20 08:19:57 -08:00
Tom Eastep
74cee48bc0
Change /sbin/shorewall6 back into a file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-19 15:52:42 -08:00
Tom Eastep
075d7ca68b
Rename $nolock to $g_nolock
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-19 06:29:05 -08:00
Tom Eastep
6b90c09c04
Correct 'show raw'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-18 15:11:56 -08:00
Tom Eastep
1c8f6d3856
Eliminate a variable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-18 15:05:03 -08:00
Tom Eastep
c00068e08d
Another correction to the 'CT' target
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-18 07:21:32 -08:00
Tom Eastep
a80b46be81
Allow a port number to be appended to a helper name
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-17 17:08:24 -08:00
Tom Eastep
ec848ebc01
Parenthesize qa/.../ in embedded Perl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-17 10:09:23 -08:00
Tom Eastep
ba5db8753e
Fix CT helpers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-17 08:59:27 -08:00
Tom Eastep
9d66f34932
Allow config options to be used as shell variables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-15 12:52:22 -08:00
Tom Eastep
10d10b1c16
Remove a redundant capability test
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-15 12:52:06 -08:00
Tom Eastep
6194eceaa4
Restore text of 'Provider "..." compiled' message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-15 12:51:39 -08:00
Tom Eastep
8ac5f6c086
use specified tool for capabilities detection
2011-12-11 16:28:40 -08:00
Tom Eastep
cc78073ce7
Merge lib.cli-lite into lib.cli
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-11 13:15:30 -08:00
Tom Eastep
4cf564e7c9
Move startup_error() to lib.cli, plus cosmetic changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-08 22:00:48 -08:00
Tom Eastep
eec8a4edaf
Cosmetic cleanup
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-07 13:04:20 -08:00
Tom Eastep
eaad3d836c
Correct library name in header comments
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 19:05:55 -08:00
Tom Eastep
2142baca4f
Avoid inappropriate RELATED,ESTABLISHED rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 19:04:43 -08:00
Tom Eastep
645e8dfea0
Straighten out LITEDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 15:39:18 -08:00
Tom Eastep
004d0bcc38
Allow rules in the RELATED section when there are non-default settions of
...
the new RELATED_* options.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 13:38:11 -08:00
Tom Eastep
43913915f9
Combine the CLIs into a single 'shorewall' file.
...
Add lib.cli-lite and lib.cli-std to contain the functions that are different
between the full products and the lite ones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 12:54:51 -08:00
Tom Eastep
c724e238e6
Move the bulk of command processing to lib.cli
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 07:47:34 -08:00
Tom Eastep
e762998f1e
Allow spaces in the argument to the iprange command.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 06:44:15 -08:00
Tom Eastep
d4957696d1
Update man pages and sample files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 17:45:09 -08:00
Tom Eastep
439af55312
Implement RELATED_DISPOSITION and RELATED_LOG_LEVEL
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 16:08:17 -08:00
Tom Eastep
febe9e5222
Apply Chris Boot's fix for TC_ENABLED=Shared
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 12:22:48 -08:00
Tom Eastep
b27e2517b4
Unify capabilities detection
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 12:00:36 -08:00
Tom Eastep
94b8d07645
Correct fix for dynamic blacklisting (chain_exists())
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 07:01:16 -08:00
Tom Eastep
7fcdfd6655
Fix chain_exists() from IPv4
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 06:54:03 -08:00
Tom Eastep
2cffae738f
Initial implementation of CT target support in the 'notrack' file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 17:15:58 -08:00
Tom Eastep
a794027f63
Implement CT capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 14:35:53 -08:00
Tom Eastep
e7d2b1d4ed
Consolidate the lib.common files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 09:19:48 -08:00
Tom Eastep
0d80b54ad9
Correct some issue with file consolidation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 13:13:25 -08:00
Tom Eastep
f89c78788f
Correct a couple of syntax errors in lib.cli
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 12:41:05 -08:00
Tom Eastep
252b6580c0
Load the common libs from /sbin/shorewall6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 12:04:28 -08:00
Tom Eastep
4161c35108
Implement common lib.base, lib.cli and CLI for Shorewall[6][-lite]
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 10:59:01 -08:00
Tom Eastep
bc3782c3de
Pass $CONFIG_PATH to compiler.pl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-02 09:31:26 -08:00