Commit Graph

298 Commits

Author SHA1 Message Date
Tom Eastep
6f5ab698b4 Add a PROBABILITY column to the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-06 12:54:37 -08:00
Tom Eastep
72699a6af6 4.4.28->4.5.0
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-01 07:36:46 -08:00
Tom Eastep
0686df326d Reverse 4.4.25 Deprecations
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-31 15:47:51 -08:00
Tom Eastep
d6bac484dc Allow the timeout to be specified in that 'safe' commands.
Also, allow a suffix (s, m or h) in the <timeout> paramater to the 'try' command.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-31 09:40:36 -08:00
Tom Eastep
8cdc83638e Don't allow PREROUTING CLASSIFY rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-28 14:07:12 -08:00
Tom Eastep
d827b6ae5d Remove BLACKLIST section from the rules file manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-27 15:29:37 -08:00
Tom Eastep
ce735e9415 Allow a chain designator in CLASSIFY rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-22 15:41:16 -08:00
Tom Eastep
c03fe0a076 Implement USE_LOGICAL_NAMES.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-20 16:03:56 -08:00
Tom Eastep
d4957696d1 Update man pages and sample files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 17:45:09 -08:00
Tom Eastep
320cc822fe Flesh out CT description in the man pages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 13:51:18 -08:00
Tom Eastep
f56b56a59f Update 'notrack' man pages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 06:56:23 -08:00
Tom Eastep
6949135c11 Document enable/disable in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 13:04:53 -08:00
Tom Eastep
8c6914d1a2 Don't deprecate 'optional' for shared providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 11:23:22 -08:00
Tom Eastep
3110f7c74a Add enable/disable commands to the CLIs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:25:51 -08:00
Tom Eastep
0f02b497f6 Document optimize 16 in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 11:11:59 -08:00
Tom Eastep
4d30811794 Implement 'show marks'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 12:29:17 -08:00
Tom Eastep
86c51f24d9 Deprecate the old mark layout options.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 17:14:05 -08:00
Tom Eastep
9d56fcab89 Update Shorewall6 .conf files and manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 16:54:10 -08:00
Tom Eastep
83d7cfa76a Update documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 15:18:43 -08:00
Tom Eastep
83d373c0aa More documentation cleanup.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-10 06:52:14 -08:00
Tom Eastep
d053faadde Allow convertion of a legacy blacklist configuration
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-08 12:59:40 -08:00
Tom Eastep
6108a9cad8 Delete BLACKLISTSECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 14:46:14 -08:00
Tom Eastep
da7516d401 Update config files and manpages for BLACKLISTSECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 12:05:07 -08:00
Tom Eastep
1091c24348 Implement the BLACKLISTSECTION option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 08:43:38 -08:00
Tom Eastep
a842fad629 Mention that 'ignore' exempts the inteface from hairpin filtering.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-04 13:49:23 -07:00
Tom Eastep
aed595f1d8 Document the 'ignore' interface option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-04 08:51:56 -07:00
Tom Eastep
3aac252645 Cleanup of IPv6 config files and manpages
- Add BLACKLIST section to IPv6 rules files.
- Add USE_DEFAULT_RT to the shorewall6.conf files and to the manpage.
2011-10-26 05:59:27 -07:00
Tom Eastep
54ba4ed879 Add MARK column to route_rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-23 07:56:53 -07:00
Tom Eastep
4b419f7497 Cleanup if IPv6 provider work
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-22 12:48:07 -07:00
Tom Eastep
15915799b9 Document new IN-BANDWIDTH handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-18 05:53:31 -07:00
Tom Eastep
6d56a8aa45 Merge branch '4.4.24'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-10 06:57:05 -07:00
Tom Eastep
99b21fdfc5 Implement HL manipulation for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-09 14:01:40 -07:00
Tom Eastep
835a056eb8 Implement BLACKLIST section in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 16:02:01 -07:00
Tom Eastep
0a5d5821ec Support additional forms of column/value pair specification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 11:45:55 -07:00
Tom Eastep
2b7515f434 Refer manpage readers to the 'Pairs' information
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 10:16:52 -07:00
Tom Eastep
da5b6b99d4 Implement TTL support in tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 16:17:52 -07:00
Tom Eastep
dbf5f17b41 More tweaks to switch implementation.
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 07:34:58 -07:00
Tom Eastep
12bfc14c5f More SWTICH changes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 14:44:20 -07:00
Tom Eastep
caddd65412 Rename condition->switch and add more documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 12:33:55 -07:00
Tom Eastep
75b4540d26 Add support for condition match in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-21 15:20:50 -07:00
Tom Eastep
379d1d3201 Document how to use IPv6 netmap
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 10:56:11 -07:00
Tom Eastep
895d2f34c5 Externalize stateless NAT for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:27:05 -07:00
Tom Eastep
a3f6b9292e Change "see above" to "see below" in routefilter description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-07 16:34:42 -07:00
Tom Eastep
d3ed864daa Clarify routeback vs routefilter/sfilter in interfaces manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-07 11:13:26 -07:00
Tom Eastep
ee8a8978b2 Fix typo in the Shorewall6 interfaces manpage 2011-09-04 15:11:05 -07:00
Tom Eastep
bc706324e9 Add an ALL section to the rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-15 15:32:24 -07:00
Tom Eastep
18e3dd40e6 Add an IPv6 ipset manpage and clarify +[...]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-26 13:15:10 -07:00
Tom Eastep
3f903fe3f1 Allow IPv6 Address as the third argument to TPROXY
- also update the manpages to describe TPROXY

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-07 06:43:16 -07:00
Tom Eastep
dedbbf2292 Replace FILTER_LOG_LEVEL with SFILTER_LOG_LEVEL in the .conf manpages 2011-06-26 11:19:57 -07:00
Tom Eastep
33be910029 Avoid false match 2011-06-26 09:16:02 -07:00