shorewall_code

mirror of https://gitlab.com/shorewall/code.git synced 2024-12-18 20:30:43 +01:00

Author	SHA1	Message	Date
Tom Eastep	25d45dedfc	Add STARTOPTIONS and RESTARTOPTIONS Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-16 10:03:13 -08:00
Tom Eastep	41e68b59dc	Add STARTOPTIONS and RESTARTOPTIONS Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-15 20:35:55 -08:00
Tom Eastep	58bf562747	Generate load rules at runtime rather than at compile time. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-15 19:23:44 -08:00
Tom Eastep	364420c4eb	Don't derive base in load_chain() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-15 07:54:30 -08:00
Tom Eastep	b0f7c08844	Save load and status of each interface. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-14 17:43:25 -08:00
Tom Eastep	93bd0b59a8	Load lib.base from lib.cli Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-14 14:17:06 -08:00
Tom Eastep	7316a2c51a	Implement 'load=<load-factor>' in providers file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-13 16:37:05 -08:00
Tom Eastep	531474592c	Correct handling of '-p' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-13 15:42:20 -08:00
Tom Eastep	3920cef17e	Update copyright on Shorewall::Providers Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-12 07:14:04 -08:00
Tom Eastep	ec8491caf8	Issue a warning message when both 'route_rules' and 'rtrules' exist. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-12 07:10:16 -08:00
Tom Eastep	057ea718cd	Remove 'stat' provider option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-12 07:09:53 -08:00
Tom Eastep	58a0b9b5c1	Rename route_rules to rtrules -- phase 2 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-09 07:19:10 -08:00
Tom Eastep	4c2df6fea7	Rename route_rules to rtrules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-09 06:38:55 -08:00
Tom Eastep	048d380c28	Issue warning if there is a deprecated option setting in the .conf file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-07 19:58:45 -08:00
Tom Eastep	ce73bb3d22	Unify prog.footer and prog.footer6 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-07 13:53:41 -08:00
Tom Eastep	6f5ab698b4	Add a PROBABILITY column to the tcrules file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-06 12:54:37 -08:00
Tom Eastep	c4768d4a4a	Allow run-time address variable in the SOURCE column of route_rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-06 11:59:22 -08:00
Tom Eastep	afbc561b91	Shorewall install shouldn't remove /usr/share/shorewall/wait4ifup Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-06 11:40:04 -08:00
Tom Eastep	f003c0644b	Fix MARK_IN_FORWARD_CHAIN=Yes with fw source Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-06 09:26:43 -08:00
Tom Eastep	5ddb197680	Make '0' equivalent to '-' in the IN_BANDWIDTH column Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-06 09:14:07 -08:00
Tom Eastep	cda4c6ed11	Implement 'stat' provider option -- phase 1 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-05 16:49:26 -08:00
Tom Eastep	252bba215e	Move lib.core from Shorewall-core to Shorewall Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-05 11:30:36 -08:00
Tom Eastep	46d8adcfe9	Add STATISTIC_MATCH capability Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-04 15:46:01 -08:00
Tom Eastep	9251eca31a	Don't delete lib.common and lib.cli when installing Shorewall Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-04 10:32:17 -08:00
Tom Eastep	9353788285	Correct uninstall scripts for Shorewall and Shorewall6 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-04 08:07:27 -08:00
Tom Eastep	e545bf4f04	Unify install files between Shorewall and Shorewall6 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-03 16:35:41 -08:00
Tom Eastep	84dc26b82c	Create lib.core Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-03 13:06:00 -08:00
Tom Eastep	7d756f51ac	More unification of prog.header and prog.header6 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-03 08:39:18 -08:00
Tom Eastep	4216d80c12	Allow Provider name in 'disable' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-02 15:25:43 -08:00
Tom Eastep	018ba394e3	Move common code from prog.header[6] to lib.common	2012-01-02 14:13:19 -08:00
Tom Eastep	a39f4699dc	Update versions and copyrights Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-02 07:43:13 -08:00
Tom Eastep	48a59e032e	Add Shorewall-common Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-01 20:30:09 -08:00
Tom Eastep	72699a6af6	4.4.28->4.5.0 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2012-01-01 07:36:46 -08:00
Tom Eastep	288c7b06dc	Place sfilter jumps in the option chains Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-31 14:47:36 -08:00
Tom Eastep	4b8fb130ba	Update copyright dates. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-31 14:15:25 -08:00
Tom Eastep	c2293f3d64	Eliminate the $blrules global in Shorewall::Rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-31 13:16:04 -08:00
Tom Eastep	d6bac484dc	Allow the timeout to be specified in that 'safe' commands. Also, allow a suffix (s, m or h) in the <timeout> paramater to the 'try' command. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-31 09:40:36 -08:00
Tom Eastep	64d3ac036b	Disable BLACKLIST section	2011-12-30 20:25:54 -08:00
Tom Eastep	28f27c65aa	Use SHA1 to shorten digests. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-30 14:58:49 -08:00
Tom Eastep	4d9a43a4dd	Delete some 'dont_move' flags Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-30 11:31:08 -08:00
Tom Eastep	1d9a4c58e9	Cosmetic change with comments. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-30 10:59:23 -08:00
Tom Eastep	6f61293b08	Reduce the size of many configs by not copying long chains multiple times. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-30 10:27:58 -08:00
Tom Eastep	b63c7e0016	A bit of optimization in add_interface_options() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-30 08:08:28 -08:00
Tom Eastep	6bed5e5e55	Merge branch '4.4.27' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-30 07:28:14 -08:00
Tom Eastep	5b2f960db3	Disallow :P in CLASSIFY rules and complain if :F is used when the SOURCE or DEST is $FW. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-30 07:22:14 -08:00
Tom Eastep	1da7f52ed5	Copy output interface options rather than jump Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-29 18:49:47 -08:00
Tom Eastep	39f214208a	Fix silly bug in the new option chain implementation Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-29 17:57:39 -08:00
Tom Eastep	6926bcdbb9	More refinements of the option chain stuff. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-29 14:52:07 -08:00
Tom Eastep	f9960a0c94	Restore blacklst and blackout chains Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-29 13:45:35 -08:00
Tom Eastep	2c441b5393	Copy option rules into interface chains if no blacklist Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-29 09:32:16 -08:00
Tom Eastep	bddfb4f41c	Add output option chains Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-29 08:22:00 -08:00
Tom Eastep	03610181fd	Disallow :P in CLASSIFY rules and complain if :F is used when the SOURCE or DEST is $FW. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-29 07:49:53 -08:00
Tom Eastep	3ca9577f04	Cruft removal Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-28 16:22:11 -08:00
Tom Eastep	8cdc83638e	Don't allow PREROUTING CLASSIFY rules. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-28 14:07:12 -08:00
Tom Eastep	a98c85cbc4	Make 'audit' work on a converted blacklist file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-28 10:30:24 -08:00
Tom Eastep	eda918215d	Option chain phase II implementation Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-28 10:29:15 -08:00
Tom Eastep	0518def9cf	Merge branch '4.4.27'	2011-12-28 09:58:19 -08:00
Tom Eastep	09f58512be	Make 'audit' work on a converted blacklist file. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-28 09:34:34 -08:00
Tom Eastep	eff447ac11	Phase one option chain implementation. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-27 18:12:58 -08:00
Tom Eastep	53451bdaa6	Remove BLACKLIST section from rules files. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-27 15:32:49 -08:00
Tom Eastep	ea9c59a297	Add an interface filter chain for each interface. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-27 13:52:44 -08:00
Tom Eastep	49eb84b9e2	Remove more helper/proto silliness Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-27 13:06:37 -08:00
Tom Eastep	8a8214704e	Centralize checking for required proto with helper Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-27 13:04:19 -08:00
Tom Eastep	aa743f2886	Merge branch '4.4.27'	2011-12-27 13:02:08 -08:00
Tom Eastep	c5868ef6e4	Revert "Remove redundant check." This reverts commit `53dd13cf15`.	2011-12-27 13:01:27 -08:00
Tom Eastep	7721644209	Merge branch '4.4.27' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall into 4.4.27 Conflicts: Shorewall/Perl/Shorewall/Chains.pm Shorewall/Perl/Shorewall/Raw.pm	2011-12-27 12:32:13 -08:00
Tom Eastep	1c2ab238a5	Merge branch '4.4.27' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall into 4.4.27 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-26 13:22:30 -08:00
Tom Eastep	3541767881	Don't croak when adding gateway route fails for IPv6. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-26 11:58:06 -08:00
Tom Eastep	53dd13cf15	Remove redundant check. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-26 11:57:34 -08:00
Tom Eastep	6db8748ee8	Don't show IPv6 cached routes unless asked. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-26 11:57:18 -08:00
Tom Eastep	5520a6d31d	Validate helper<->protocol Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-24 09:24:01 -08:00
Tom Eastep	be4cb9d26a	Validate helper<->protocol Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-23 17:55:13 -08:00
Tom Eastep	97354c8ce8	Detect CT_TARGET when LOAD_HELPERS_ONLY=No Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-23 11:59:51 -08:00
Tom Eastep	e8c7ec38dc	Allow netstat output to appear in dumps on Fedora Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-23 11:59:19 -08:00
Tom Eastep	b58ad8e758	Be sure to delete fooX chain on errors in determine_capabilities() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-23 10:55:08 -08:00
Tom Eastep	0e3ad6ff91	Omit the chain designator from an error message Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-23 07:51:12 -08:00
Tom Eastep	1c535ee0f9	Correct handling of a chain designator in CLASSIFY rules. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-23 07:44:16 -08:00
Tom Eastep	3081ab1da1	Correct RELATED_DISPOSITION error message Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-22 15:51:50 -08:00
Tom Eastep	ce735e9415	Allow a chain designator in CLASSIFY rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-22 15:41:16 -08:00
Tom Eastep	e93dbdcb99	Stop generation of superfluous routing rules. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-21 08:01:25 -08:00
Tom Eastep	ea8efd1c44	Correct 'show ipa' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-21 07:25:20 -08:00
Tom Eastep	c03fe0a076	Implement USE_LOGICAL_NAMES. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-20 16:03:56 -08:00
Tom Eastep	3e72442954	Convert sample notrack files to FORMAT 2 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-20 14:38:44 -08:00
Tom Eastep	0d4a6c1c28	Replace SHOREWALL_DIR with g_shorewalldir Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-20 08:19:57 -08:00
Tom Eastep	74cee48bc0	Change /sbin/shorewall6 back into a file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-19 15:52:42 -08:00
Tom Eastep	075d7ca68b	Rename $nolock to $g_nolock Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-19 06:29:05 -08:00
Tom Eastep	6b90c09c04	Correct 'show raw' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-18 15:11:56 -08:00
Tom Eastep	1c8f6d3856	Eliminate a variable Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-18 15:05:03 -08:00
Tom Eastep	c00068e08d	Another correction to the 'CT' target Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-18 07:21:32 -08:00
Tom Eastep	a80b46be81	Allow a port number to be appended to a helper name Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-17 17:08:24 -08:00
Tom Eastep	ec848ebc01	Parenthesize qa/.../ in embedded Perl Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-17 10:09:23 -08:00
Tom Eastep	ba5db8753e	Fix CT helpers Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-17 08:59:27 -08:00
Tom Eastep	9d66f34932	Allow config options to be used as shell variables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-15 12:52:22 -08:00
Tom Eastep	10d10b1c16	Remove a redundant capability test Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-15 12:52:06 -08:00
Tom Eastep	6194eceaa4	Restore text of 'Provider "..." compiled' message Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-15 12:51:39 -08:00
Tom Eastep	8ac5f6c086	use specified tool for capabilities detection	2011-12-11 16:28:40 -08:00
Tom Eastep	cc78073ce7	Merge lib.cli-lite into lib.cli Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-11 13:15:30 -08:00
Tom Eastep	4cf564e7c9	Move startup_error() to lib.cli, plus cosmetic changes Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-08 22:00:48 -08:00
Tom Eastep	eec8a4edaf	Cosmetic cleanup Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-07 13:04:20 -08:00
Tom Eastep	eaad3d836c	Correct library name in header comments Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-12-06 19:05:55 -08:00

1 2 3 4 5 ...

4588 Commits