shorewall_code

mirror of https://gitlab.com/shorewall/code.git synced 2025-06-10 19:56:42 +02:00

Author	SHA1	Message	Date
Tom Eastep	7aaa04149e	Merge branch '5.2.3' # Conflicts: # Shorewall/manpages/shorewall-files.xml # docs/SharedConfig.xml	2020-02-01 09:45:33 -08:00
Tom Eastep	08da235896	Correct IPv6 Address Range parsing Previously, such ranges were required to be of the form [<addr1>-<addr2>] rather than the more standard form [<addr1>]-[<addr2>]. In the snat file (and in nat actions), the latter form was actually flagged as an error while in other contexts, it resulted in a less obvious error being raised. With this change, both forms are accepted. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-12-23 10:02:48 -08:00
Tom Eastep	157abcbd37	Allow NFQUEUE 'bypass' in the policy file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-10-21 14:41:02 -07:00
Tom Eastep	cb56991fee	Merge branch '5.2.3'	2019-09-03 07:45:57 -07:00
Tom Eastep	7051daeb08	Correct handle of multi-queue NFQUEUE when passed to a macro Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-08-25 14:18:54 -07:00
Tom Eastep	a9c42e1eaa	Correct NFQUEUE policy with per-CPU queues Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-08-25 14:18:06 -07:00
Matt Darfeuille	53495ec0a8	Point exclusively to shorewall.org Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-03-25 11:35:00 -07:00
Tom Eastep	e626b77097	Correct policy zone exclusion handling Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-02-21 09:31:13 -08:00
Matt Darfeuille	d3fcb29f0d	Use proper function name for warning messages Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-02-07 10:44:46 -08:00
Tom Eastep	edc9e25f25	Deprecate 'all[+]-' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-23 12:35:07 -08:00
Tom Eastep	9f423412d8	Allow zone exclusion in the policy file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-22 12:35:23 -08:00
Tom Eastep	7f7fef3a4e	Disallow 'all' in a policy zone list Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-21 10:00:36 -08:00
Tom Eastep	0eb0bace9a	Update more copyrights Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-09 11:57:41 -08:00
Tom Eastep	bef8ec09b3	Insist that '+' (if present) be the first non-blank character in IL matches Signed-off-by: Tom Eastep <teastep@shorewall.net>	2019-01-08 13:55:02 -08:00
Tom Eastep	be2110b47e	Revert "Remove ULOG support" This reverts commit 061ce3d781cc86918b32c3e65421bb9978d4b3fd.	2018-12-14 08:54:07 -08:00
Tom Eastep	86b82c53cf	Correct HELPER requires error message Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-11-28 10:59:53 -08:00
Tom Eastep	061ce3d781	Remove ULOG support Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-11-15 14:59:29 -08:00
Tom Eastep	9f3cc88cf0	Prevent invalid code generation with SNAT(detect) Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-10-02 08:15:20 -07:00
Tom Eastep	1b6de901e0	Merge branch '5.2.0'	2018-08-24 15:33:16 -07:00
Tom Eastep	56780a5d1f	Apply rate limiting in the nat table on nat+accept rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-08-24 15:31:20 -07:00
Tom Eastep	22c1bc2e9c	Apply rate limiting in the nat table on nat+accept rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-08-23 14:07:10 -07:00
Tom Eastep	bfb9852eb6	Allow MARK, CONNMARK, SAVE and RESTORE in the nat table Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-14 10:01:12 -07:00
Tom Eastep	a8b6a301f2	Revert "MARK and CONNMARK in the snat file" This reverts commit e36547f8be1cc60c945a1ef14db3b369ca877ed5.	2018-06-14 07:58:33 -07:00
Tom Eastep	e36547f8be	MARK and CONNMARK in the snat file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-06-10 16:34:55 -07:00
Tom Eastep	5e2f1f573d	Unconditionally convert masq->snat Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-27 11:38:47 -07:00
Tom Eastep	011322992e	Revert "Delete masq file processing" This reverts commit 609ee8dea2cc8aa90ffd6f9a696186217a22e91f.	2018-03-27 11:08:33 -07:00
Tom Eastep	609ee8dea2	Delete masq file processing - Automatically convert the masq file if it exists Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-26 11:40:22 -07:00
Matt Darfeuille	299ea2b41f	Update version to 5.2 - Remove unneeded punctuation marks Signed-off-by: Matt Darfeuille <matdarf@gmail.com> Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-03-24 09:53:02 -07:00
Tom Eastep	88547f5140	Handle two-chain case when LOG_ZONE != 'Both' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-02-22 11:25:19 -08:00
Tom Eastep	7ad7598d5b	Implement LOG_ZONE Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-02-20 15:31:31 -08:00
Tom Eastep	0cb4a5c202	Correct "Invalid Policy Action" error message Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-02-19 10:04:18 -08:00
Tom Eastep	cdf5ad45d5	Eliminate the MAPOLDACTIONS option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-01-24 12:59:26 -08:00
Tom Eastep	a9a379c5a5	Implement INPUT SNAT Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-01-22 16:37:38 -08:00
Tom Eastep	fb4b362724	Eliminate unnecessary local array Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-01-20 13:26:10 -08:00
Tom Eastep	97de2be778	Change a fatal_error() call with an assertion in add_policy_rules() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-01-19 13:39:51 -08:00
Tom Eastep	85cae3c7f8	Add parens to improve readability Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-01-19 12:47:17 -08:00
Tom Eastep	1bc90beb01	Update copyrights Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-01-07 15:01:46 -08:00
Tom Eastep	056711d304	Remove anachronistic comment Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-01-06 13:58:20 -08:00
Tom Eastep	0aa0bebe07	Reword error message - "Invalid action name ..." to "Reserved action name ..." Signed-off-by: Tom Eastep <teastep@shorewall.net>	2018-01-06 13:56:36 -08:00
Tom Eastep	9e3cb27d0a	Use the synchain name in log messages rather than the base chain name Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-12-28 14:13:50 -08:00
Tom Eastep	821d72093a	Rename DEFAULTACTION_SECTION to POLICYACTION_SECTION. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-12-02 16:25:15 -08:00
Tom Eastep	42d5d13780	Retain proto setting when switching inline <-> noinline Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-12-02 13:40:41 -08:00
Tom Eastep	7121a0f1b1	Disallow a protocol on the Reject Action Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-12-02 12:58:05 -08:00
Tom Eastep	ab12d63a4f	Change 'default action' to 'policy action' in comments and messages Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-12-02 12:55:17 -08:00
Tom Eastep	6ba1d5413b	Allow a protocol to be associated with an action Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-12-02 11:24:08 -08:00
Tom Eastep	2a9272ccd1	Clean up RAs involving "\|" Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-11-14 08:26:17 -08:00
Tom Eastep	ef8b85fc3e	Implement support for logging in the SNAT file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-11-02 12:44:42 -07:00
Tom Eastep	b35f1112f4	Allow 'noinline' in /etc/shorewall[6]/actions to override 'inline' Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-10-20 09:19:50 -07:00
Tom Eastep	77d9eeb915	Eliminate extra parameter editing of TPROXY parameter list. - Clarify syntax for actions with multiple parameters Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-10-19 13:08:12 -07:00
Tom Eastep	17838c1443	Add TCPMSS to the allowed mangle actions. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2017-10-19 12:58:38 -07:00

1 2 3 4 5 ...

816 Commits