Tom Eastep
835a056eb8
Implement BLACKLIST section in the rules file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 16:02:01 -07:00
Tom Eastep
e09aa8662b
Correct title in action.TCPFlags
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 09:05:38 -07:00
Tom Eastep
57650e8dd9
Add two new actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 18:41:58 -07:00
Tom Eastep
0a5d5821ec
Support additional forms of column/value pair specification
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 11:45:55 -07:00
Tom Eastep
e728d663f9
Implement IPTABLES_S capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 13:54:52 -07:00
Tom Eastep
2f0829596f
Fix format-1 Actions
2011-10-01 12:17:29 -07:00
Tom Eastep
f6092ee52d
Eliminate the maxcolumns argument to the split_line functions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 11:39:12 -07:00
Tom Eastep
072f4752fc
Get rid of minimum column requirement
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 09:56:25 -07:00
Tom Eastep
c76957cc39
Reword an error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 08:51:05 -07:00
Tom Eastep
4c7f1a03a0
Catch multiple semicolons on a line.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 07:42:44 -07:00
Tom Eastep
9a4dfc4394
Implement an alternate way of specifying column contents.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-25 17:08:53 -07:00
Tom Eastep
da5b6b99d4
Implement TTL support in tcrules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 16:17:52 -07:00
Tom Eastep
dbf5f17b41
More tweaks to switch implementation.
...
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 07:34:58 -07:00
Tom Eastep
40bc6df07a
Correct handling of SWITCH column
...
- Handle exclusion
- Correctly detect CONDITION_MATCH at compile time
- Include condition match in the filter part of a NAT rule
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 15:01:40 -07:00
Tom Eastep
caddd65412
Rename condition->switch and add more documentation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 12:33:55 -07:00
Tom Eastep
75b4540d26
Add support for condition match in the rules file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-21 15:20:50 -07:00
Tom Eastep
7978993d2b
Validate NET2 in IPv6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-20 16:24:39 -07:00
Tom Eastep
d005536fcc
Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-20 16:20:34 -07:00
Tom Eastep
a5e05c9e8e
Don't allow long port lists or icmp lists in netmap
2011-09-19 13:27:27 -07:00
Tom Eastep
990d6e504d
Correct icmp-type and icmpv6-type
2011-09-19 10:05:58 -07:00
Tom Eastep
fd1e996fb1
Correct call to dest_iexclusion()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 08:28:29 -07:00
Tom Eastep
e01276225c
Correct port order in the netmap file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 06:17:02 -07:00
Tom Eastep
c2bcb08483
Add 'i' versions of exclusion functions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 14:12:22 -07:00
Tom Eastep
95a83f7fdf
Allow exclusion in the netmap file's NET1 column
2011-09-17 09:20:15 -07:00
Tom Eastep
5aac5870a1
Call setup_netmap if IPv6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-17 07:31:18 -07:00
Tom Eastep
86847957bf
Merge branch '4.4.23'
2011-09-16 09:03:43 -07:00
Tom Eastep
76fc55d750
Fix TC_ENABLED=Shared
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-16 06:50:34 -07:00
Tom Eastep
be1765f44d
Don't emit 'enable' code for required providers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:46:29 -07:00
Tom Eastep
fcb8fa79c0
Don't emit 'enable' code for required providers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-14 08:25:47 -07:00
Tom Eastep
e1afc645ba
Allow IPv6 stateless NAT (undocumented)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-14 08:24:44 -07:00
Tom Eastep
fe9df4dfd1
Remove interface weight file if not balance or default.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-14 06:24:22 -07:00
Tom Eastep
8fe6425690
Correct DONT_LOAD
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-13 07:42:26 -07:00
Tom Eastep
ab1fac3fc6
Add some comments to getparams
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-11 09:52:12 -07:00
Tom Eastep
d4b37d1c52
Better way of handling environmental variables with embedded quotes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-10 15:46:26 -07:00
Tom Eastep
fb6d4ffaf9
Merge branch '4.4.23'
2011-09-10 08:34:45 -07:00
Tom Eastep
8ce60ce825
Don't emit dangerous %ENV entries to the generated script
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-10 08:18:46 -07:00
Tom Eastep
7ed52360d5
Set all interfaces's 'routefilter' option if ROUTE_FILTER=on
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-07 12:19:13 -07:00
Tom Eastep
6f2fd75a8c
Merge branch '4.4.23'
2011-09-07 11:14:11 -07:00
Tom Eastep
5f85646418
Fix disable of last balanced route
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-07 07:00:18 -07:00
Tom Eastep
6ae184ccc7
Update the released netmap file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-06 15:36:33 -07:00
Tom Eastep
b19a6f0bfd
Merge branch '4.4.23'
2011-09-05 17:25:03 -07:00
Tom Eastep
77ca62835f
Add PROTO and PORTS columns to netmap
2011-09-05 12:33:42 -07:00
Tom Eastep
02009ee060
Set 'use_..._chain' on interfaces with sfilters
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-05 06:23:18 -07:00
Tom Eastep
2285dce4d1
Fix debugging of ipv6 ruleset
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-03 13:58:05 -07:00
Tom Eastep
058b746f57
Use /sys/module/ to speed up module loading
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-03 11:49:31 -07:00
Tom Eastep
29e0f57928
Cosmetic/readability changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-03 08:44:15 -07:00
Tom Eastep
d1fea7c682
Correct 'disable' with dynamic gateway
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-02 11:01:06 -07:00
Tom Eastep
46d9faa63a
Correct sed invocation in add_gateway()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-02 10:28:41 -07:00
Tom Eastep
a63d4dad44
More sfilter tweaks
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-02 08:41:42 -07:00
Tom Eastep
6afd18646d
Remove backslashes from routes before processing them.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-02 08:41:15 -07:00