Tom Eastep
8ea9d0bbef
Mention capabilities file to speed up 'start'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-02 10:45:21 -08:00
Tom Eastep
ebe09a95b8
Lightweight format_rule() for use in digest creation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-02-02 09:27:19 -08:00
Tom Eastep
f32b304eb6
Describe disabling shorewall under systemd in the FAQs
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-31 14:59:15 -08:00
Tom Eastep
7bdd69d151
Optimization category 8 tweaks
...
- Document cost of the category in shorewall.conf(5)
- Omit DONT_DELETE chains from consideration right off the bat
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-31 14:58:01 -08:00
Tom Eastep
a08f0cfe10
Avoid awkward blank lines
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-30 19:15:10 -08:00
Tom Eastep
09a81ae574
Omit trailing black space from the generated script
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-30 14:31:54 -08:00
Tom Eastep
7042d586b2
Clarify BLACKLIST_DISPOSITION in shorewall.conf(5)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-30 13:54:03 -08:00
Tom Eastep
e17c4ac8af
Reorganize code around wait/Interface-variable fix
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-30 11:25:37 -08:00
Tom Eastep
37101a2031
Merge branch '5.1.11' into 5.1.12
2018-01-28 13:15:42 -08:00
Tom Eastep
40bcfd15e5
Revert "Correct order of optional interface and address variable handling"
...
This reverts commit f4cae55c1e
.
2018-01-28 13:15:13 -08:00
Tom Eastep
230ab06e5d
Reverse order of required-interface and address variable processing
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-28 13:10:44 -08:00
Tom Eastep
09cda21dd4
Revert "Correct order of optional interface and address variable handling"
...
This reverts commit 9253f90ac5
.
2018-01-28 12:29:38 -08:00
Tom Eastep
9253f90ac5
Correct order of optional interface and address variable handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-28 11:39:06 -08:00
Tom Eastep
f4cae55c1e
Correct order of optional interface and address variable handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-28 10:54:03 -08:00
Tom Eastep
070a67d665
Deimplement OPTIMIZE_USE_FIRST
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-24 11:56:20 -08:00
Tom Eastep
9796c58eb2
Add OPTIMIZE_MASK constant
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-23 13:15:44 -08:00
Tom Eastep
cabc20957f
Delete an unnecessary variable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-23 09:45:50 -08:00
Tom Eastep
a9a379c5a5
Implement INPUT SNAT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-22 16:37:38 -08:00
Tom Eastep
3bf5066f82
Document multiple DEST interfaces in the snat file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-22 11:12:28 -08:00
Tom Eastep
b2c33a0f9a
Add snat to the list of manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-22 10:48:58 -08:00
Tom Eastep
64f704a964
Improve quoting in the route-balancing logic
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-21 14:46:51 -08:00
Tom Eastep
416224ee05
Correct typos and anachronisms in Chains.pm comments
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-21 11:53:58 -08:00
Tom Eastep
92ce1beddc
Move read_yesno_with_timeout() to lib.cli-std
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-20 14:26:13 -08:00
Tom Eastep
4d6bf8564e
Avoid unnecessary variable expansion
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-20 14:25:42 -08:00
Tom Eastep
fb4b362724
Eliminate unnecessary local array
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-20 13:26:10 -08:00
Tom Eastep
97de2be778
Change a fatal_error() call with an assertion in add_policy_rules()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-19 13:39:51 -08:00
Tom Eastep
85cae3c7f8
Add parens to improve readability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-19 12:47:17 -08:00
Tom Eastep
acd425a3c2
Remove superfluous logic from validate_portpari1()
...
- Add comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-19 12:46:52 -08:00
Tom Eastep
4e6949f996
Document port masquerading
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-19 08:55:56 -08:00
Tom Eastep
5d7dcc3122
Unify variable style
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-18 13:42:13 -08:00
Tom Eastep
23d498146b
Merge branch '5.1.11'
...
# Conflicts:
# Shorewall/lib.cli-std
2018-01-18 13:40:37 -08:00
Tom Eastep
422d0b216a
Don't use the -quit option to Busybox find
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-18 13:39:44 -08:00
Tom Eastep
37ecbff23a
Merge branch '5.1.11'
...
# Conflicts:
# Shorewall/lib.cli-std
2018-01-18 13:37:52 -08:00
Tom Eastep
491309a78a
Don't use the -quit option to Busybox find
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-18 13:36:23 -08:00
Tom Eastep
bc993c384c
Don't use the -quit option to Busybox find
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-18 11:34:46 -08:00
Matt Darfeuille
0e4c1cdac1
Init: Correct indentation
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-12 10:26:37 -08:00
Tom Eastep
27a0f0f7a0
Make TRACK_PROVIDERS=Yes the default
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-10 08:46:01 -08:00
Tom Eastep
9ac075fd56
Clear the connection mark in tunneled packets from tracked providers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-09 17:12:14 -08:00
Tom Eastep
b2604583af
Revert "Clear the connection mark in tunneled packets from tracked providers"
...
This reverts commit 62c6411cb0
.
2018-01-09 17:01:51 -08:00
Tom Eastep
62c6411cb0
Clear the connection mark in tunneled packets from tracked providers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-09 14:51:57 -08:00
Matt Darfeuille
6badf3ce1a
Update supported Shorewall version
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-08 09:08:53 -08:00
Tom Eastep
1bc90beb01
Update copyrights
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-07 15:01:46 -08:00
Tom Eastep
eaccf033c6
Update copyrights for 2018
...
- Update some header versions to 5.1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-07 14:24:01 -08:00
Tom Eastep
056711d304
Remove anachronistic comment
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-06 13:58:20 -08:00
Tom Eastep
0aa0bebe07
Reword error message
...
- "Invalid action name ..." to "Reserved action name ..."
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-06 13:56:36 -08:00
Tom Eastep
1a68d87c94
Don't enable forwarding in 'clear'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-04 15:39:07 -08:00
Tom Eastep
c518cfaa4a
Allow address variables to work correctly with the 'clear' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-03 08:58:28 -08:00
Tom Eastep
196a56ea3c
Permit when firewall stopped when using an ipset for dynamic BL
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-02 13:26:32 -08:00
Tom Eastep
2c3f121835
Don't call setup_dbl() unconditionally
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-02 13:11:31 -08:00
Tom Eastep
18ba5c7311
Don't verify 'conntrack' utility for 'remote-' commands
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-02 11:52:35 -08:00