Commit Graph

4317 Commits

Author SHA1 Message Date
Tom Eastep
835a056eb8 Implement BLACKLIST section in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 16:02:01 -07:00
Tom Eastep
e09aa8662b Correct title in action.TCPFlags
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 09:05:38 -07:00
Tom Eastep
57650e8dd9 Add two new actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 18:41:58 -07:00
Tom Eastep
0a5d5821ec Support additional forms of column/value pair specification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 11:45:55 -07:00
Tom Eastep
e728d663f9 Implement IPTABLES_S capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 13:54:52 -07:00
Tom Eastep
2f0829596f Fix format-1 Actions 2011-10-01 12:17:29 -07:00
Tom Eastep
f6092ee52d Eliminate the maxcolumns argument to the split_line functions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 11:39:12 -07:00
Tom Eastep
072f4752fc Get rid of minimum column requirement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 09:56:25 -07:00
Tom Eastep
c76957cc39 Reword an error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 08:51:05 -07:00
Tom Eastep
4c7f1a03a0 Catch multiple semicolons on a line.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 07:42:44 -07:00
Tom Eastep
9a4dfc4394 Implement an alternate way of specifying column contents.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-25 17:08:53 -07:00
Tom Eastep
da5b6b99d4 Implement TTL support in tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 16:17:52 -07:00
Tom Eastep
dbf5f17b41 More tweaks to switch implementation.
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 07:34:58 -07:00
Tom Eastep
40bc6df07a Correct handling of SWITCH column
- Handle exclusion
- Correctly detect CONDITION_MATCH at compile time
- Include condition match in the filter part of a NAT rule

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 15:01:40 -07:00
Tom Eastep
caddd65412 Rename condition->switch and add more documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 12:33:55 -07:00
Tom Eastep
75b4540d26 Add support for condition match in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-21 15:20:50 -07:00
Tom Eastep
7978993d2b Validate NET2 in IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-20 16:24:39 -07:00
Tom Eastep
d005536fcc Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-20 16:20:34 -07:00
Tom Eastep
a5e05c9e8e Don't allow long port lists or icmp lists in netmap 2011-09-19 13:27:27 -07:00
Tom Eastep
990d6e504d Correct icmp-type and icmpv6-type 2011-09-19 10:05:58 -07:00
Tom Eastep
fd1e996fb1 Correct call to dest_iexclusion()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 08:28:29 -07:00
Tom Eastep
e01276225c Correct port order in the netmap file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 06:17:02 -07:00
Tom Eastep
c2bcb08483 Add 'i' versions of exclusion functions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 14:12:22 -07:00
Tom Eastep
95a83f7fdf Allow exclusion in the netmap file's NET1 column 2011-09-17 09:20:15 -07:00
Tom Eastep
5aac5870a1 Call setup_netmap if IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-17 07:31:18 -07:00
Tom Eastep
86847957bf Merge branch '4.4.23' 2011-09-16 09:03:43 -07:00
Tom Eastep
76fc55d750 Fix TC_ENABLED=Shared
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-16 06:50:34 -07:00
Tom Eastep
be1765f44d Don't emit 'enable' code for required providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:46:29 -07:00
Tom Eastep
fcb8fa79c0 Don't emit 'enable' code for required providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-14 08:25:47 -07:00
Tom Eastep
e1afc645ba Allow IPv6 stateless NAT (undocumented)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-14 08:24:44 -07:00
Tom Eastep
fe9df4dfd1 Remove interface weight file if not balance or default.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-14 06:24:22 -07:00
Tom Eastep
8fe6425690 Correct DONT_LOAD
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-13 07:42:26 -07:00
Tom Eastep
ab1fac3fc6 Add some comments to getparams
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-11 09:52:12 -07:00
Tom Eastep
d4b37d1c52 Better way of handling environmental variables with embedded quotes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-10 15:46:26 -07:00
Tom Eastep
fb6d4ffaf9 Merge branch '4.4.23' 2011-09-10 08:34:45 -07:00
Tom Eastep
8ce60ce825 Don't emit dangerous %ENV entries to the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-10 08:18:46 -07:00
Tom Eastep
7ed52360d5 Set all interfaces's 'routefilter' option if ROUTE_FILTER=on
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-07 12:19:13 -07:00
Tom Eastep
6f2fd75a8c Merge branch '4.4.23' 2011-09-07 11:14:11 -07:00
Tom Eastep
5f85646418 Fix disable of last balanced route
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-07 07:00:18 -07:00
Tom Eastep
6ae184ccc7 Update the released netmap file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-06 15:36:33 -07:00
Tom Eastep
b19a6f0bfd Merge branch '4.4.23' 2011-09-05 17:25:03 -07:00
Tom Eastep
77ca62835f Add PROTO and PORTS columns to netmap 2011-09-05 12:33:42 -07:00
Tom Eastep
02009ee060 Set 'use_..._chain' on interfaces with sfilters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-05 06:23:18 -07:00
Tom Eastep
2285dce4d1 Fix debugging of ipv6 ruleset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-03 13:58:05 -07:00
Tom Eastep
058b746f57 Use /sys/module/ to speed up module loading
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-03 11:49:31 -07:00
Tom Eastep
29e0f57928 Cosmetic/readability changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-03 08:44:15 -07:00
Tom Eastep
d1fea7c682 Correct 'disable' with dynamic gateway
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-02 11:01:06 -07:00
Tom Eastep
46d9faa63a Correct sed invocation in add_gateway()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-02 10:28:41 -07:00
Tom Eastep
a63d4dad44 More sfilter tweaks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-02 08:41:42 -07:00
Tom Eastep
6afd18646d Remove backslashes from routes before processing them.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-02 08:41:15 -07:00