Commit Graph

13230 Commits

Author SHA1 Message Date
Tom Eastep
8c0c1bd1e0 Omit the 'shorewall' chain from .ip[6]tables-restore-input
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 08:16:47 -08:00
Tom Eastep
8b825c4c4c Avoid failure of ip[6]tables-restore.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 07:56:05 -08:00
Tom Eastep
4493b2ab6b Correct typo in 'rules' manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 06:50:40 -08:00
Tom Eastep
9598ac6fad Correct a couple of problems with -C
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 10:09:04 -07:00
Tom Eastep
8fb73026c8 Replace SAVE_COUNTERS with the -C command option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 09:37:57 -07:00
Tom Eastep
4546cbaff7 Use chains with names derived from a digest to identify ruleset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-31 11:36:53 -07:00
Tom Eastep
a83c146636 Cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 20:27:06 -07:00
Tom Eastep
2ffc97867c Correct syntax error in the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 19:59:20 -07:00
Tom Eastep
f08803e293 Preserve counts on 'restart' without compilation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 18:38:45 -07:00
Tom Eastep
b7ab82dba4 Implement -f option in the -lite products' start command
- Remove 'recover' command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:42:39 -07:00
Tom Eastep
113f95c11e Provide STARTOPTIONS and RESTARTOPTIONS in all cases
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:22:39 -07:00
Tom Eastep
3454e10525 Add SAVE_COUNTERS option.
- Also implement recover command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 08:57:56 -07:00
Tom Eastep
edc30fcc8d Process the params file with SHOREWALL_SHELL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-29 12:22:00 -07:00
Tom Eastep
85e5669fc7 Rename function interface_up() to interface_enabled()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-27 18:38:22 -07:00
Tom Eastep
055fceb82f Update policy manpages for duel limits
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-22 12:27:27 -07:00
Tom Eastep
f5bdc9e7f4 Allow two limits in the RATE LIMIT columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-22 11:21:43 -07:00
Tom Eastep
54461a9a90 Correct indentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-20 12:29:45 -07:00
Tom Eastep
b60d6dd6e5 Avoid duplicate module loads
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-20 10:42:53 -07:00
Tom Eastep
4bc91e89db Remove debugging code from Shorewall-init installer
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:41 -07:00
Tom Eastep
2784e93307 Load xt_LOG in both helpers files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:36 -07:00
Tom Eastep
90d1e41dcb Correct IPv4 Helpers file
- Change xt_ULOG to ipt_ULOG

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:29 -07:00
Tom Eastep
20c8bf02b1 Correct Shorewall6 helpers file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:19 -07:00
Tom Eastep
38d4b1c5a9 Revert "Correct last patch"
This reverts commit b528625329.
2014-10-19 08:28:11 -07:00
Tom Eastep
e3a332ec27 Correct last patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:00 -07:00
Tom Eastep
49218a4d28 ipt_LOG in helpers file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-15 18:07:09 -07:00
Tom Eastep
3236cd2660 Reinstate IPv6 DropSmurfs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-13 12:34:25 -07:00
Tom Eastep
e3b10343a5 Change SYSTEMDDIR to SERVICEDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-13 11:56:26 -07:00
Tom Eastep
286bc50bb3 Remove 'optional' from the Universal interfaces file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-13 08:07:14 -07:00
Tom Eastep
a5086f785f Avoid confusing output when 4.6.4 CLI executes a 'save'
- If a down-rev firewall is running, the savesets command produces
  confusing usage output

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-10 18:40:55 -07:00
Tom Eastep
19482ac197 Allow Shorewall-init installer to create SBINDIR if configure == 0
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-09 10:14:23 -07:00
Tom Eastep
42363da458 Add new .service files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-09 10:00:53 -07:00
Tom Eastep
c5074bddb2 Rename the .service files to .service.214
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-09 09:45:52 -07:00
Tom Eastep
4b9d8ad5f6 Merge branch '4.6.4'
Conflicts:
	Shorewall-init/shorewall-init.service
2014-10-08 18:26:42 -07:00
Tom Eastep
8e9d769723 Add iptables.service to Shorewall-init conflicts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-08 18:24:53 -07:00
Tom Eastep
77015ebb4d Adjust the .service files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-08 17:33:33 -07:00
Tom Eastep
12458d111a Adjust the .service files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-08 17:28:22 -07:00
Tom Eastep
815e93e80c Rename SYSTEMD to SYSTEMDDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 16:46:16 -07:00
Tom Eastep
7771e5d48f More ipset article tweaks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 13:37:56 -07:00
Tom Eastep
0cd694370e Add nat link from Shorewall6 manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 12:21:44 -07:00
Tom Eastep
5fd7c573fc Clarify Shorewall-init SAVE_IPSETS setting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 11:41:57 -07:00
Tom Eastep
80c024c4aa Amplify the 4.6.4 SAVE_IPSETS changes in the ipset article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 09:52:15 -07:00
Tom Eastep
3bae6e61cf Eliminate syntax errors in the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 07:53:26 -07:00
Tom Eastep
5204cbc95f Suppress 'No ipsets were saved' warning when SAVE_IPSETS=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 07:50:12 -07:00
Tom Eastep
ea1b8ac63a Correct handling of empty LOG_BACKEND
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 07:34:55 -07:00
Tuomo Soini
a31fd20f22 Shorewall6/nat: clearly make it ipv6 specific 2014-10-07 12:42:57 +03:00
Tom Eastep
2c7ffb525d Updagte Shorewall6-nat manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-05 20:09:18 -07:00
Tom Eastep
316866482b Add ipv6 nat file and manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-05 19:54:19 -07:00
Tom Eastep
6c6a1d82d9 Make Debian installation work with SANDBOX
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-05 16:52:59 -07:00
Tom Eastep
a72a1ef7a6 Update the install document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-05 13:30:28 -07:00
Tom Eastep
4398fb23d1 Create INITDIR in the Shorewall init installer
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-04 18:49:55 -07:00