Tom Eastep
|
c7848be266
|
Back out the rest of the original change for dup / -[psiod]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-05-03 09:59:25 -07:00 |
|
Tom Eastep
|
70c6a2cdf3
|
Update version to 4.4.9-RC2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-05-02 07:25:50 -07:00 |
|
Tom Eastep
|
7d2df848c9
|
Tighten up the new mDNS rule
|
2010-05-01 12:13:02 -07:00 |
|
Tom Eastep
|
9bcd9fd12b
|
Allow for mDNS multicast responses
|
2010-05-01 12:01:58 -07:00 |
|
Tom Eastep
|
639b3ea57d
|
Simplify checking for /! -[piosd] /
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-05-01 09:13:16 -07:00 |
|
Tom Eastep
|
311372013d
|
More fixes to optimization
Only disallow / ! -[piosd] / if the target is a chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-05-01 08:58:41 -07:00 |
|
Tom Eastep
|
5456c9fba3
|
Add instructions for proxying firewall-local connections
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-05-01 08:26:22 -07:00 |
|
Tom Eastep
|
518416ec2e
|
Add a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-05-01 08:08:39 -07:00 |
|
Tom Eastep
|
94c6b37e8e
|
Avoid leaving an orphan '!' behind.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-05-01 07:51:24 -07:00 |
|
Tom Eastep
|
219b2e0761
|
A more comprehensive solution to multiple -[piosd] matches.
- eliminate duplicate -[piosd] matches in merged rules
- avoid tracing !* unconditionally
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-05-01 07:26:25 -07:00 |
|
Tom Eastep
|
16161d9cfc
|
Add new trace types.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-05-01 06:43:09 -07:00 |
|
Tom Eastep
|
1173518d78
|
More minor cleanup of first code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-30 07:22:09 -07:00 |
|
Tom Eastep
|
2864841a9e
|
Correct release notes
update version to RC1
correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-29 11:21:31 -07:00 |
|
Tom Eastep
|
076da4bd5c
|
Couple of tweaks to my earliest code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-29 11:19:50 -07:00 |
|
Tom Eastep
|
83d8d497d7
|
Correct typos in IPSEC article.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-28 08:12:41 -07:00 |
|
Tom Eastep
|
a997d6507d
|
Update release notes with more common example of failure.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-28 08:09:10 -07:00 |
|
Tom Eastep
|
039668b333
|
Update release notes to reflect reality.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-28 06:57:45 -07:00 |
|
Tom Eastep
|
2c1cede54e
|
Revise addressless bridge change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-27 15:23:38 -07:00 |
|
Tom Eastep
|
013567496c
|
Update manpages for addressless bridge
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-27 12:40:57 -07:00 |
|
Tom Eastep
|
d8b0f496df
|
Allow simple configuration of a bridge with no IP address
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-27 12:26:58 -07:00 |
|
Tom Eastep
|
4b6bff7693
|
Add link from the netmap article to the OpenVPN doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-27 07:04:33 -07:00 |
|
Tom Eastep
|
eab6387817
|
Add solution for handling duplicate networks in an OpenVPN environment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-27 07:04:06 -07:00 |
|
Tom Eastep
|
40bc2cc4a2
|
Update Link
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-26 18:06:16 -07:00 |
|
Tom Eastep
|
988f7c4d7e
|
More fixes for bad NAT optimization
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-26 16:50:18 -07:00 |
|
Tom Eastep
|
f49848bd5b
|
Document rare optimization fix.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-26 16:32:53 -07:00 |
|
Tom Eastep
|
0e4698d57c
|
Fix rare optimization bug
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-26 16:19:58 -07:00 |
|
Tom Eastep
|
6e04c7eec8
|
Mention 6in4 Tunnels in the Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-26 11:11:12 -07:00 |
|
Tom Eastep
|
6d61e962eb
|
Use -m conntrack if available in place of -m state
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-25 13:35:41 -07:00 |
|
Tom Eastep
|
21e0c68ef2
|
Bump version to 4.4.9 RC1
|
2010-04-25 09:37:17 -07:00 |
|
Tom Eastep
|
fb2ddcee7b
|
Bump Version to 4.4.9 Beta 5
|
2010-04-24 21:53:12 -07:00 |
|
Tom Eastep
|
33801bb8a9
|
Add 6in4 information to 6to4 article
|
2010-04-24 19:53:15 -07:00 |
|
Tom Eastep
|
f2f8bcd804
|
Add link to 2010 Linuxfest presentation
|
2010-04-24 08:06:07 -07:00 |
|
Tom Eastep
|
6053352f8c
|
A better fix for find_first_interface_address()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-23 20:06:45 -07:00 |
|
Tom Eastep
|
2cb3bac946
|
Document fix for find_first_interface_address()
|
2010-04-23 12:18:51 -07:00 |
|
Tom Eastep
|
232fc21fe2
|
Allow find_first_interface_address[_if_any] to work properly in the params file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-23 11:54:36 -07:00 |
|
Tom Eastep
|
b821bdcdfd
|
One more pass at improving regex's for target isolation and matching
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-22 14:45:34 -07:00 |
|
Tom Eastep
|
64bf772594
|
Set OUTPUT policy to ACCEPT when optimize_chain deletes all of its rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-22 13:38:38 -07:00 |
|
Tom Eastep
|
b0b39cfc39
|
Document optimization level 2 fix.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-22 11:55:13 -07:00 |
|
Tom Eastep
|
fb754b3a2e
|
Don't remove a lone ACCEPT rule from the OUTPUT chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-22 11:35:14 -07:00 |
|
Tom Eastep
|
0dde75d345
|
Fix install scripts (again)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-19 13:08:03 -07:00 |
|
Tom Eastep
|
a0abb11f67
|
Extend 'show log <ipaddr>' to search for a regular expression.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-19 13:02:21 -07:00 |
|
Tom Eastep
|
8c09f21e5d
|
Implement 'show log <token>'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-19 10:20:28 -07:00 |
|
Tom Eastep
|
32d3e50c05
|
Remove extra <emphasis> <\emphasis>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-17 08:54:37 -07:00 |
|
Tom Eastep
|
66a07c3ce6
|
Update copyright in UPnP Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-17 08:51:57 -07:00 |
|
Tom Eastep
|
a620aa22f9
|
Remove outdated information from the UPnP doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-17 08:51:11 -07:00 |
|
Tom Eastep
|
a1a78cf09b
|
Abandon the fantesy that multiple optimize 8 passes will achieve anything.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-16 17:12:08 -07:00 |
|
Tom Eastep
|
938cfd7ba4
|
Don't create fw-><bport> chains and rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-16 12:29:51 -07:00 |
|
Tom Eastep
|
c52a3dcd14
|
Don't generate policy chains for fw to bridgeport zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-16 09:56:11 -07:00 |
|
Tom Eastep
|
1030c852f9
|
Simplify a test
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-16 09:21:30 -07:00 |
|
Tom Eastep
|
e7a4aaafc1
|
Modify optimization 8 loop to continue until no chains are combined.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2010-04-16 09:17:57 -07:00 |
|