Commit Graph

12838 Commits

Author SHA1 Message Date
Tom Eastep
5e07ad8caa Allow a directory to be specified with -e.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 14:05:52 -07:00
Tom Eastep
6aaf06c2e8 Add stoppedrules files to the samples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 09:06:45 -07:00
Tom Eastep
eb854f1dbe Only process routestopped when stoppedrules does not exist or is empty
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 08:46:04 -07:00
Tom Eastep
2050d566b8 Handle PRODUCT correctly at run-time.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 07:36:47 -07:00
Tom Eastep
188f05e130 Make ./firewall the default file when compile -e
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 07:35:03 -07:00
Tom Eastep
4260e5f6ba Correctly handle the product name in export shorewallrc.
- Also re-arranged the processing of the shorewallrc file to eliminate
  the kludgy shuffling of hashes.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-04 06:59:16 -07:00
Tom Eastep
7235d4da11 Update manpage indexes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 20:25:15 -07:00
Tom Eastep
bdd66e68c9 Have separate hashes for the two shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 20:09:20 -07:00
Tom Eastep
55e3b11a28 Pass both shorewallrc files to the compiler from lib.cli-std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 15:07:50 -07:00
Tom Eastep
b8e6a812bd Specify the cwd when compiling or checking for export
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 11:33:58 -07:00
Tom Eastep
09ce6239a7 Install stoppedrules rather than routestopped
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 11:00:22 -07:00
Tom Eastep
5645d66719 Add VARDIR to the shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 10:52:40 -07:00
Tom Eastep
afd9875d3a Update Manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 10:52:22 -07:00
Tom Eastep
5b953cc1dd Handle different layouts on the admin system and remote firewall(s)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 09:50:07 -07:00
Tom Eastep
8e5bd3637d Implement stoppedrules file (less manpages)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 08:44:03 -07:00
Tom Eastep
01696e7298 Remove empty paragraph in shorewall-rules(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 05:52:40 -07:00
Tom Eastep
b922177769 Handle missing VARDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 15:51:35 -07:00
Tom Eastep
c16dfc609d Documentation updates for VARLIB
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 15:43:52 -07:00
Tom Eastep
88ab423b2a Correct 'postcompile' patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 14:55:56 -07:00
Tom Eastep
e66d9e3418 Rename VARDIR to VARLIB in shorewallrc
- Done so that existing shorewallrc files are still valid.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 14:36:11 -07:00
Tom Eastep
bf70f6e71e More Shorewall-init init script corrections
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 13:43:43 -07:00
Tom Eastep
7279553be4 Revert "Add GROUP zones"
This reverts commit 4f2a4c0c6c.
2012-09-02 11:08:38 -07:00
Tom Eastep
a6740c6c53 Revert "Assign marks to according to GROUP zones"
This reverts commit 3fbfafb6e3.
2012-09-02 11:06:28 -07:00
Tom Eastep
c31c9bca9c Handle ${CONFDIR}/$PRODUCT/vardir consistently in Shorewall-init init scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 10:23:11 -07:00
Tom Eastep
f5e1a42ac9 Update the Shorewall-Lite article
- Mention shorewallrc
- Mention that /etc/shorewall/shorewall.conf is no longer read when the
  configuration directory has a shorewall.conf file.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 09:10:19 -07:00
Tom Eastep
9c6d4f90fb Compile the firewall script if it doesn't exist
- Also cleaned up a number of defects in the init scripts

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 08:35:42 -07:00
Tom Eastep
4f54cb34df Add a postcompile script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 08:28:02 -07:00
Tom Eastep
3fbfafb6e3 Assign marks to according to GROUP zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 18:13:49 -07:00
Tom Eastep
34ee00a986 Document the <directory> argument to the 'try' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 10:53:35 -07:00
Tom Eastep
156fa5ab01 Some fixes to the Fedora Shorewall-init init script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 10:52:59 -07:00
Tom Eastep
353915fc8b Allow ipsets in the routestopped file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 10:52:37 -07:00
Tom Eastep
02e7d13710 Load iptables_raw in modules.essential
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 08:27:03 -07:00
Tom Eastep
e2c7284529 Correct handling of 'source' with ADMINISABSENTMINDED=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 08:26:31 -07:00
Tom Eastep
092c2ef8f7 No longer process the local shorewall.conf when compiling from a directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 08:21:45 -07:00
Tom Eastep
4f2a4c0c6c Add GROUP zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-31 17:37:01 -07:00
Tom Eastep
deea614677 Placate the latest Emacs WRT qw/.../
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-31 17:36:38 -07:00
Tom Eastep
1119d64b29 Break SNMP Macro into two macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-31 06:53:05 -07:00
Tom Eastep
053797a85e Merge branch '4.5.7' 2012-08-30 14:27:01 -07:00
Tom Eastep
48706695b6 Make the SNMP bi-directional with traps allowed in the reverse direction
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-30 14:25:51 -07:00
Tom Eastep
9b05146a85 New documents (WIP)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-30 10:06:58 -07:00
Tom Eastep
09a6f8bc16 Revert non-fatal error implementation
- In the end, I didn't like the way this worked.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-29 11:35:11 -07:00
Tom Eastep
303dc65d13 Merge branch '4.5.7' 2012-08-28 11:46:04 -07:00
Tom Eastep
d838cf41bf Allow TTL and HL in the PREROUTING chain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-28 11:45:32 -07:00
Tom Eastep
40b21560d8 Merge branch '4.5.7' 2012-08-28 07:50:27 -07:00
Tom Eastep
899bce13c3 Some doc updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-27 13:22:05 -07:00
Tom Eastep
84e24325de Merge branch '4.5.7' 2012-08-27 07:30:21 -07:00
Tom Eastep
3aca90811c Clear the current comment at the end of the blrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-27 07:29:47 -07:00
Tom Eastep
7b12558249 Merge branch '4.5.7' 2012-08-26 09:18:16 -07:00
Tom Eastep
341dec0711 Another fix for the NOTRACK patch
- 3 defects in a two-line patch :-(
2012-08-26 09:17:57 -07:00
Tom Eastep
54fcc33adf Merge branch '4.5.7' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall into 4.5.7 2012-08-26 08:28:30 -07:00