Tom Eastep
|
7e984af094
|
Some cleanup of policy actions
- Allow '+' in policy file action list
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-07 13:19:53 -08:00 |
|
Tom Eastep
|
af8d4e32c2
|
Replace 'info' with '$LOG' in the sample policy files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-07 08:27:19 -08:00 |
|
Tom Eastep
|
ca33a7ef65
|
Fix Sample .conf files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 18:28:05 -08:00 |
|
Tom Eastep
|
e91f414223
|
Document policy action changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 17:09:23 -08:00 |
|
Tom Eastep
|
5cd2f26b51
|
Correct shorewall.conf(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 14:46:10 -08:00 |
|
Tom Eastep
|
dab9e1d7c4
|
Assume no default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 14:45:43 -08:00 |
|
Tom Eastep
|
b9471a2499
|
Correct parsing of the POLICY column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 14:15:24 -08:00 |
|
Tom Eastep
|
95ffada759
|
Change sample IPv4 default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 13:47:02 -08:00 |
|
Tom Eastep
|
b2553fb008
|
Another change to allow builtin actions as default actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 13:25:10 -08:00 |
|
Tom Eastep
|
8bc70674f3
|
Make DropDNSrep an inline action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 11:21:56 -08:00 |
|
Tom Eastep
|
cecb8a1950
|
Deprecate the Drop and Reject actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 10:52:31 -08:00 |
|
Tom Eastep
|
079d862bb3
|
Document default-action lists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 10:51:57 -08:00 |
|
Tom Eastep
|
92133e5a6b
|
Default-action lists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 10:11:48 -08:00 |
|
Tom Eastep
|
686ca9d3a3
|
Allow builtin actions in xxx_DEFAULT settings.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-05 15:21:57 -08:00 |
|
Tom Eastep
|
70a395892f
|
Make BLACKLIST work correctly in the blrules file
- Add the 'section' action option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-23 15:03:02 -08:00 |
|
Tom Eastep
|
d2d11df4f6
|
Make action.BLACKLIST behave correctly in the blrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-23 13:35:10 -08:00 |
|
Tom Eastep
|
b985654600
|
Correct typo in heading of Reject and Drop actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-23 11:54:40 -08:00 |
|
Tom Eastep
|
62ff6d3fa5
|
Remove obsolete macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-23 09:26:19 -08:00 |
|
Tom Eastep
|
2bbb5c8c1e
|
Add hack to distinguish between the BLACKLIST macro and action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-23 09:23:26 -08:00 |
|
Tom Eastep
|
33b4ee4d31
|
Don't quote variable values in ERROR/WARNING/INFO directives
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-23 09:00:18 -08:00 |
|
Tom Eastep
|
d111e4f186
|
Handle built-in actions in 'show action'
- Remove a couple of non-actions from IPv4 actions.std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-22 15:40:36 -08:00 |
|
Tom Eastep
|
634c8debda
|
Use ?REQUIRE in several actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-22 14:59:37 -08:00 |
|
Tom Eastep
|
71dd5d016b
|
Add ?REQUIRE compiler directive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-22 14:48:18 -08:00 |
|
Tom Eastep
|
6b408869d2
|
Correct the synopsis in two action files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-22 11:47:12 -08:00 |
|
Tom Eastep
|
edf08bf408
|
Cosmetic change in compiler()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-21 19:47:50 -08:00 |
|
Tom Eastep
|
9c3a82f628
|
Add BLACKLIST action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-19 14:08:15 -08:00 |
|
Tom Eastep
|
e6933f4c8d
|
Add BLACKLIST policy
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-18 10:55:15 -08:00 |
|
Tom Eastep
|
cc3b8793e0
|
Make BALANCE_PROVIDERS default the setting of USE_DEFAULT_RT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-17 15:02:16 -08:00 |
|
Tom Eastep
|
ac5fd195ec
|
Correct provider/routefilter check wrt optional interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-17 09:34:13 -08:00 |
|
Tom Eastep
|
45b9ddf188
|
Add BALANCE_PROVIDERS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-17 08:58:09 -08:00 |
|
Tom Eastep
|
2d16fac9ed
|
Revert "Implement USE_DEFAULT_RT=Exact"
This reverts commit 2ca1ae734a .
|
2017-01-17 08:25:33 -08:00 |
|
Tom Eastep
|
f23970b4f7
|
Include LOG_MARTIANS in test for setting log_martians with routefilter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-14 13:03:24 -08:00 |
|
Tom Eastep
|
04112647d3
|
Correct provider/routefilter checking
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-14 12:40:39 -08:00 |
|
Tom Eastep
|
2ca1ae734a
|
Implement USE_DEFAULT_RT=Exact
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-14 08:14:08 -08:00 |
|
Tom Eastep
|
64c249a174
|
Set logmartians along with routefilter.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-11 15:53:55 -08:00 |
|
Tom Eastep
|
0019ca53e5
|
Include ROUTE_FILTER in routefilter/provider checks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-11 15:39:13 -08:00 |
|
Tom Eastep
|
0d2a5089a9
|
Merge branch '5.1.0'
|
2017-01-11 12:29:57 -08:00 |
|
Tom Eastep
|
50d09e76cb
|
Catch 'routefilter' with provider interfaces.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-11 11:47:10 -08:00 |
|
Tom Eastep
|
73772efb85
|
Correct typo in shorewall-interfaces(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-11 11:20:07 -08:00 |
|
Tom Eastep
|
568f461763
|
Propogate PAGER to -lite systems
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-11 11:18:57 -08:00 |
|
Tom Eastep
|
cb150f9c09
|
Allow compact IPv6 addresses in IP6TABLES() rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-07 10:01:03 -08:00 |
|
Tom Eastep
|
19ce2093d8
|
Correct splitting of IP(6)TABLES options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-07 10:00:37 -08:00 |
|
Tom Eastep
|
b8c322a05f
|
Ignore SUBSYSLOCK when $SERVICEDIR is non-empty
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-06 15:50:26 -08:00 |
|
Tom Eastep
|
f68d3fd9fa
|
Revert "Remove SUBSYSLOCK"
This reverts commit 386b137e9b .
|
2017-01-06 09:49:40 -08:00 |
|
Tom Eastep
|
386b137e9b
|
Remove SUBSYSLOCK
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-05 10:03:03 -08:00 |
|
Tom Eastep
|
ce68f84d9d
|
Remove Makefile from Shorewall[6][-lite]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-05 08:22:02 -08:00 |
|
Tom Eastep
|
5aed31d37a
|
Restore SUBSYSLOCK setting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-04 19:39:08 -08:00 |
|
Tom Eastep
|
0b3d1b1d36
|
Revert code that assumed no CLI symlinks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-04 17:12:20 -08:00 |
|
Tom Eastep
|
2f9ef4dda7
|
Update kernel module files
- Include additional nat modules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-30 10:56:16 -08:00 |
|
Tom Eastep
|
5174fe0161
|
Avoid echo options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-28 11:09:08 -08:00 |
|