Commit Graph

548 Commits

Author SHA1 Message Date
teastep
89b7028f46 Avoid local exploitability with compile output file -- Take 3
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3256 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-08 00:10:25 +00:00
teastep
cc7f84cea9 Avoid local exploitability with compile output file -- Take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3255 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 23:00:13 +00:00
teastep
cfe0e4ee7b Avoid local exploitability with compile output file. Add 'compile' as a synonym for 'generate'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3254 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 22:52:15 +00:00
teastep
c743f4cad8 Improve handling of script file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3249 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 17:54:20 +00:00
teastep
20489c736b Improve progress messages written to generated script
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3246 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 17:14:07 +00:00
teastep
b17bc9f62e Fix bad bug in 'generate'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3245 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 16:33:17 +00:00
teastep
e15aec24ff Fix error recovery problem
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3244 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 06:10:53 +00:00
teastep
ab7c5cdff9 Implement 'reload' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3243 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 06:04:16 +00:00
teastep
b1f25a1a4f More fixes for 'generate'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3242 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 05:34:24 +00:00
teastep
d86854301d Clean up after failed createchain2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3241 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 04:15:58 +00:00
teastep
af973cf234 Significantly improve 'shorewall generate'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3238 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 03:43:49 +00:00
teastep
d81f2ca29e First releast of 'shorewall generate'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3237 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 01:08:23 +00:00
teastep
d145351222 Preparation for 'generate' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3236 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-06 23:02:55 +00:00
teastep
e3bf8645b0 Yet more removal of dynamic zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3235 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-06 21:43:37 +00:00
teastep
835127a4d7 Remove silly repeated shift commands
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3226 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-04 23:34:07 +00:00
teastep
87ab357c33 More removal of dynamic zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3222 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-04 21:07:58 +00:00
teastep
47cf78cf76 Remove dynamic zone capability from development branch -- Take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3198 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-24 21:59:19 +00:00
teastep
1cb2d888e8 Remove dynamic zone capability from development branch
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3196 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-24 21:23:10 +00:00
teastep
1f4e3572d9 Fix logging with mapped standard actions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3194 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-24 15:39:58 +00:00
teastep
408a8a3968 Finish wildcard port support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3189 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-21 04:20:16 +00:00
teastep
5b8a9c2dbf First step toward support of wildcard ports
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3188 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-21 04:05:27 +00:00
teastep
f91f118c2a Fix typo in last patch
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3187 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-20 19:24:53 +00:00
teastep
803720a8cc Fix restore script generation with RETAIN_ALIASES=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3185 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-20 19:14:36 +00:00
teastep
d2c9149223 Remove interface port list -- no longer needed
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3183 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-20 00:39:55 +00:00
teastep
28e3a4a7ed Fix security hole in bridge handling; fix bug in NONE intra-zone policy handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3182 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-19 23:37:40 +00:00
teastep
e99e0bd05b Correct IPv6 fix
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3180 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-19 20:52:08 +00:00
teastep
0273709c6f Enable loopback traffic under DISABLE_IPV6
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3172 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-17 01:55:02 +00:00
teastep
6f4dfe64db Fix stupid typo that produced a bug in tcrules processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3153 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-12 18:52:40 +00:00
teastep
7f39d760b7 Add 'ipdecimal' command
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3114 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-02 23:58:57 +00:00
teastep
25480f2187 Allow '-' in the ADDRESS/SUBNET column of the blacklist file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3099 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-01 18:05:13 +00:00
teastep
06dc3cf91e Make Shorewall tolerate prehistoric kernels
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3046 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-22 02:27:00 +00:00
teastep
8bdf97d821 Fix typo in 'firewall' script
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3025 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-18 17:25:09 +00:00
teastep
fd834a4f64 Clean up policy setup for nat, mangle and raw tables -- Take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3023 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-18 17:02:12 +00:00
teastep
e34d046490 Clean up policy setup for nat, mangle and raw tables
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3022 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-18 16:56:38 +00:00
teastep
86a7be6c24 Fix inadvertent change to firewall script
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3018 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-17 19:10:13 +00:00
teastep
0fcc67230c Correct interaction between FASTACCEPT and CLAMPMSS
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3013 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-17 18:23:19 +00:00
teastep
1f0165e8bc Remove flyspeck from firewall file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3001 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-15 18:48:30 +00:00
teastep
93210fa3a5 Fix Makefile and make macro substitution smarter
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3000 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-15 18:44:02 +00:00
teastep
2fc06059db Restore ACCEPT policies to nat, mangle and raw tables during start/stop
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2996 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-13 16:00:17 +00:00
teastep
d678421c08 Fix MACLIST_TABLE=mangle and DHCP
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2947 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-02 17:44:10 +00:00
teastep
981323b7d6 Fix MACLIST_TABLE=mangle and DHCP
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2946 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-02 15:32:33 +00:00
teastep
53ae3fc6e0 Suppress 'ambiguous redirect' errors
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2934 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-28 03:18:49 +00:00
teastep
4b97c4584c Add samples to base package
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2907 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-20 22:10:10 +00:00
teastep
629d7c87d2 Fix cut-and-paste error in arp_ignore processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2906 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-19 14:30:13 +00:00
teastep
cf7e66aab4 Make Openvpn TCP support a little more robust
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2904 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-18 17:05:12 +00:00
teastep
b20a7b3067 Fix tcp openvpn support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2901 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-18 15:20:12 +00:00
teastep
057e4aeb71 Add TC_ENABLED=Internal -- Take 2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2837 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-09 16:21:15 +00:00
teastep
1af4d541a0 Add TC_ENABLED=Internal
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2836 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-09 15:47:47 +00:00
teastep
41178852fb Avoid extra $COMMAND tests
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2835 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-09 02:36:30 +00:00
teastep
1a8f760491 Fix default tc class bug
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2834 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-08 14:57:10 +00:00