Commit Graph

986 Commits

Author SHA1 Message Date
Tom Eastep
4a4cea46c0 Update copyrights in the Sample files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-06 13:44:34 -07:00
Tom Eastep
8bfff55ed2 Add a TIME column to the mangle file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-04 08:01:14 -07:00
Tom Eastep
b1a6ec7f03 Merge branch '4.6.1' 2014-07-02 21:41:27 -07:00
Tom Eastep
7fdc398a5e Revert "Revert "Revert "Add a TIME column to the mangle file"""
This reverts commit 1165b2689c.
2014-06-27 08:23:04 -07:00
Tom Eastep
1165b2689c Revert "Revert "Add a TIME column to the mangle file""
This reverts commit 9c7fcd09fd.
2014-06-27 08:14:28 -07:00
Tom Eastep
9c7fcd09fd Revert "Add a TIME column to the mangle file"
This reverts commit 824b14b714.
2014-06-25 07:33:42 -07:00
Tom Eastep
80c09c4747 Merge branch '4.6.1' 2014-06-25 07:31:36 -07:00
Tom Eastep
824b14b714 Add a TIME column to the mangle file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-25 07:05:12 -07:00
Tom Eastep
6ad9b95351 Implement 'show bl'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 13:27:25 -07:00
Tom Eastep
ac4bf15606 Implement 'status -i'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 11:07:37 -07:00
Tom Eastep
4e5d24fd9b Currect masq manpages
Describe the SOURCE column as optional

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-16 07:27:05 -07:00
Tom Eastep
89c5d5080b A couple more tweaks to the masq manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-22 11:14:46 -07:00
Tom Eastep
dcc2fb27c5 Apply Tuomo Soini's whitespace patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-19 14:18:48 -07:00
Tom Eastep
7835feb45e Apply Simon Mater's cosmetic fix to the 'mangle' files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-16 07:31:44 -07:00
Tom Eastep
ffc564bdf9 Add ?format 2 to several Shorewall6 actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-10 08:19:03 -07:00
Tom Eastep
f717d097d7 Apply Tuomo Soini's Macro format patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-07 12:19:24 -07:00
Tom Eastep
2b43c28e98 Add tabs to mangle files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-20 07:56:43 -07:00
Tom Eastep
c663f91ec7 Add HEADERS to shorewall6-mangle(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-19 08:01:21 -07:00
Tom Eastep
15507aa265 Update sample rules files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-19 07:48:42 -07:00
Tom Eastep
4d4e8b3df4 Do nothing when a rules file section is empty.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-18 14:13:34 -07:00
Tom Eastep
b3cd9ab15a Default to LOAD_HELPERS_ONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-12 11:05:28 -07:00
Tom Eastep
fdc391cf49 Change all *.conf files to reflect ZONE2ZONE=-
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-04-11 20:44:15 -07:00
Tom Eastep
eb70234c52 Correct some typos in the .conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-12 14:50:15 -07:00
Tom Eastep
20b10582b4 Moew deprecation of USE_DEFAULT_RT=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-10 08:24:12 -07:00
Tom Eastep
cea237620a Change USE_DEFAULT_RT default to 'Yes'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-09 07:42:22 -07:00
Tom Eastep
c9d7370fb4 Merge branch '4.5.21'
Conflicts:
	Shorewall/manpages/shorewall.conf.xml
	Shorewall6/manpages/shorewall6.conf.xml

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-05 09:00:34 -08:00
Tom Eastep
8b4d8bfa16 Finish ADMINISABSENDMINDED change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-05 08:57:03 -08:00
Tom Eastep
caa72fb7d2 Correct routestopped files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-02 10:39:12 -08:00
Tom Eastep
3e87efc82b Document -t option
- Also copy compiler directives to the mangle file.
2014-02-17 12:50:59 -08:00
Tom Eastep
69fe94ef08 Document the -t option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-16 09:25:58 -08:00
Tom Eastep
16b80c3e45 Add default value for BASIC_FILTERS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-04 20:45:51 -08:00
Tom Eastep
2dbcd36a9c Implement BASIC_FILTERS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-04 16:34:03 -08:00
Tom Eastep
7ddc65133e Support ipset lists in the tcfilters file.
- Also document the fact that ipset match options are not available in
  the tcfilters file.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-04 12:16:35 -08:00
Tom Eastep
c08655e0bc Document ipset use in tcfilters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-01 09:40:39 -08:00
Tom Eastep
44e0d48fc5 Add <refmiscinfo>...</refmiscinfo> to remaining manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-16 08:32:57 -08:00
Tom Eastep
89fd5ced15 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2014-01-12 14:05:48 -08:00
Roberto C. Sanchez
b1a490b50a Cleanup links in manpages so that hrefs in generated HTML don't take the user to a different server 2014-01-12 16:40:03 -05:00
Tom Eastep
a35b7821bf Correct stoppedrules manpages re DROP
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-07 13:30:09 -08:00
Tom Eastep
fd28a12653 Allow DROP in the stoppedrules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-07 13:19:49 -08:00
Tom Eastep
42dd8dfee9 Change license to GPLv2+ and update copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-04 09:48:27 -08:00
Tom Eastep
78ecf9bdc8 Finish up ipset extensions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-03 09:23:14 -08:00
Tom Eastep
1771bb75cf Finish ipset match option implementation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-02 14:43:55 -08:00
Tom Eastep
48ceed9ecb Make tcpflags the default.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 15:10:38 -08:00
Tom Eastep
623bdd2ff1 Manpage corrections.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 07:41:28 -08:00
Tom Eastep
b61ee2d75e Manpage updates for IP[6]TABLES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-01 07:18:54 -08:00
Tom Eastep
ac6a506e35 Allow logging from the RAW table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-31 11:04:43 -08:00
Tom Eastep
4cc5ee6b73 Document IP[6]TABLES in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-29 10:13:38 -08:00
Tom Eastep
8f6f0c94a4 Replace tcrules with mangle in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-28 15:35:08 -08:00
Tom Eastep
6fe06c82c8 More switch from tcrules to mangle
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-28 15:24:05 -08:00
Tom Eastep
a1222d10cb change 'marks' file to 'mangle'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-28 10:03:23 -08:00
Tom Eastep
4c840a05a0 Fix issue in the shorewall-tcrules and shorewall6-tcrules manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-19 16:24:50 -08:00
Tom Eastep
6323372ebd Fix issue in the shorewall-tcrules and shorewall6-tcrules manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-19 16:23:32 -08:00
Tom Eastep
4e4e7cac1d Redefine the -i option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-15 11:23:20 -08:00
Tom Eastep
cb74b2d706 Document the -i update option in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-14 20:54:56 -08:00
Tom Eastep
33c5893bdb Implement INLINE_MATCHES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-14 13:35:01 -08:00
Tom Eastep
2bc329aa1d Add INLINE support to the masq file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-13 15:44:16 -08:00
Tom Eastep
f22dfcaa75 Merge branch '4.5.21' 2013-12-08 09:02:44 -08:00
Tom Eastep
d71c2688dc Clarify the need to quote/escaape settings with parentheses.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-08 09:02:25 -08:00
Tom Eastep
95abeaea24 Finish INLINE in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-01 09:25:32 -08:00
Tom Eastep
d63262a0cb change ZONE2ZONE default to '-'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-24 08:16:28 -08:00
Tom Eastep
3870157898 Issue warning on bare SECTION headings.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-24 07:58:02 -08:00
Tom Eastep
ea21d61f39 Correct Broadcast Actions
- Delete --dst-type BROADCAST from IPv6
- Suppress superfluous multicast rule

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-12 08:41:58 -08:00
Tom Eastep
3b5c1ad601 Remove anachronistic text from the tcinterfaces manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-10 08:19:16 -08:00
Tom Eastep
e14d92c5ac Add DROP support in tcrules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-11-04 10:50:11 -08:00
Tom Eastep
6eb2c0cb5f Add link to the logging page from the policy manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-24 08:01:18 -07:00
Roberto C. Sanchez
12563c55a8 Add '. /lib/lsb/init-functions' to the Debian-specific init scripts, as recommended by lintian 2013-10-05 16:31:45 -04:00
Tom Eastep
e570d91ab1 Document 'hostroute' and 'nohostroute'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-18 17:58:28 -07:00
Tom Eastep
159d677acb Update manpages to indicate that 'inline' is assumed for REJECT_ACTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-10 08:08:06 -07:00
Tom Eastep
ae63a0ab77 Correct description of how REJECT is handled:
- Add UDP

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-02 17:07:58 -07:00
Tom Eastep
67603c5eb3 Implement REJECT_ACTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-01 09:14:10 -07:00
Tom Eastep
32763e998b Make -v work with the status command
- Also document exit status

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-13 06:52:46 -07:00
Tom Eastep
a10aea280b Add some abbreviations for common commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-06 07:05:47 -07:00
Tom Eastep
83d1aa6682 Allow OPTIMIZE=All
- Remove use of literal 4096 from OPTIMIZATION checks.
- Moved constant declarations to the Config module.
- Documented that level 1 is ignored when level 4 is specified.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-29 10:08:35 -07:00
Tom Eastep
aabb22a50f Add the TRACK_RULES option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-24 07:22:51 -07:00
Tom Eastep
765b748283 Documentation updates
- Add meaningful IDs to some sections in Events.xml
- Correct typos in the accounting manpages

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-22 07:54:45 -07:00
Tom Eastep
7aa33c140d Add an AutoBL action with helper AutoBLL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-17 10:19:18 -07:00
Tom Eastep
d6d0cad2f9 Add 'show event[s]' to manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 10:37:27 -07:00
Tom Eastep
282bf0a78c Allow Events with Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:45:41 -07:00
Tom Eastep
71bcd11ab6 Make ?...shell/perl directives case insensitive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-20 10:39:39 -07:00
Tom Eastep
4bd35a0b93 Allow 'routeback=0'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-16 08:37:53 -07:00
Tom Eastep
53f1cd40df Add 'unmanaged' option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-06-10 12:36:18 -07:00
Tom Eastep
a48a4b7a2e Don't allow fowarding between local zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-28 06:14:44 -07:00
Tom Eastep
2de0fbf7d0 Change 'local' to 'loopback' and add 'local' zones that match non-loopback interfaces.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-26 14:06:51 -07:00
Tom Eastep
fd11eb7d82 Omit fw->fw jumps when there is a local zone.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-22 09:19:34 -07:00
Tom Eastep
ac02c484f5 Change 'local' interface option to a zone type.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-19 15:35:20 -07:00
Tom Eastep
b38f1416aa Mention "all+' in the "Important" notes at the top
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-13 13:41:12 -07:00
Tom Eastep
c8133145e6 Add support for "all+" in the policy file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-13 09:01:12 -07:00
Tom Eastep
e3d9b2762d Add 'destonly' and 'local' to the interface manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-12 12:48:58 -07:00
Tom Eastep
7215b61aa4 Document changes introduced by Mr-4.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-07 10:16:38 -07:00
Tom Eastep
577db69719 Support conditional compilation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-07 09:36:02 -07:00
Roberto C. Sanchez
a0228e9d3b Fix typos in manpages 2013-05-03 12:19:45 -04:00
Tom Eastep
8bb03a741d Update blrules manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-24 08:17:10 -07:00
Tom Eastep
f543c3bd1e Finish Mr-4's NFACCT patch
- Correct indentation
- Remove '$type' argument to split_nfacct_list
- Update manpages.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-23 06:55:30 -07:00
Tom Eastep
5ad69aa650 Add CHAIN_SCRIPTS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-21 07:30:31 -07:00
Tom Eastep
a56dcc745d Clarify <chain>:COUNT in the accounting files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-20 17:11:46 -07:00
Tom Eastep
1b9fd642bb Add INLINE to the accounting file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-20 08:02:02 -07:00
Tom Eastep
1fd62e1612 Restore order in the NFACCT target.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-19 11:11:37 -07:00
Tom Eastep
6c2679ce75 Allow incrementing an nfacct object when an ipset matches.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-19 10:44:57 -07:00
Tom Eastep
91c4dd2e56 Document multiple nfacct objects in one rule.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-19 06:38:02 -07:00
Tom Eastep
8ef11a376b Document 'HELPERS=none'.
- Also make 'check -u' work correctly regarding HELPERS=

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-18 11:30:47 -07:00