Commit Graph

266 Commits

Author SHA1 Message Date
Tom Eastep
835a056eb8 Implement BLACKLIST section in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 16:02:01 -07:00
Tom Eastep
0a5d5821ec Support additional forms of column/value pair specification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 11:45:55 -07:00
Tom Eastep
2b7515f434 Refer manpage readers to the 'Pairs' information
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 10:16:52 -07:00
Tom Eastep
da5b6b99d4 Implement TTL support in tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 16:17:52 -07:00
Tom Eastep
dbf5f17b41 More tweaks to switch implementation.
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 07:34:58 -07:00
Tom Eastep
12bfc14c5f More SWTICH changes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 14:44:20 -07:00
Tom Eastep
caddd65412 Rename condition->switch and add more documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 12:33:55 -07:00
Tom Eastep
75b4540d26 Add support for condition match in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-21 15:20:50 -07:00
Tom Eastep
379d1d3201 Document how to use IPv6 netmap
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 10:56:11 -07:00
Tom Eastep
895d2f34c5 Externalize stateless NAT for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:27:05 -07:00
Tom Eastep
a3f6b9292e Change "see above" to "see below" in routefilter description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-07 16:34:42 -07:00
Tom Eastep
d3ed864daa Clarify routeback vs routefilter/sfilter in interfaces manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-07 11:13:26 -07:00
Tom Eastep
ee8a8978b2 Fix typo in the Shorewall6 interfaces manpage 2011-09-04 15:11:05 -07:00
Tom Eastep
bc706324e9 Add an ALL section to the rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-15 15:32:24 -07:00
Tom Eastep
18e3dd40e6 Add an IPv6 ipset manpage and clarify +[...]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-26 13:15:10 -07:00
Tom Eastep
3f903fe3f1 Allow IPv6 Address as the third argument to TPROXY
- also update the manpages to describe TPROXY

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-07 06:43:16 -07:00
Tom Eastep
dedbbf2292 Replace FILTER_LOG_LEVEL with SFILTER_LOG_LEVEL in the .conf manpages 2011-06-26 11:19:57 -07:00
Tom Eastep
33be910029 Avoid false match 2011-06-26 09:16:02 -07:00
Tom Eastep
1b3d7947b8 Update the .conf file before validating ('update' command)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 12:31:58 -07:00
Tom Eastep
44599530ea Remove warnings about duplicate zone/interface dynamic hosts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 18:27:18 -07:00
Tom Eastep
ec28bdb5a0 Document Shorewall6 support for dynamic zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 14:33:49 -07:00
Tom Eastep
c112f2381e Document IPv6 Dynamic Zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 10:59:14 -07:00
Tom Eastep
4916610033 Rename upgrade => update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 07:14:27 -07:00
Tom Eastep
df2f7ec6a5 Implement 'upgrade' and delete the '-u' and '-a' options of 'check'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 17:39:44 -07:00
Tom Eastep
d66c7d478e Eliminate expansion of shell variables in the upgraded config file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 16:33:41 -07:00
Tom Eastep
e8e7215f4b Add a warning about shell variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 16:00:29 -07:00
Tom Eastep
6f2cc31dde Implement .conf file upgrade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 13:03:55 -07:00
Tom Eastep
89529df71f Odd capitalization to make annotate.pl work correctly
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-18 06:10:32 -07:00
Tom Eastep
e7cdf75463 Correct version when :<burst> was added 2011-06-17 17:19:37 -07:00
Tom Eastep
dfcd29d930 Correct spelling error in shorewall6-interfaces(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-15 14:00:30 -07:00
Tom Eastep
10ae91b600 Delete deprecated options from the .conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-12 13:46:26 -07:00
Tom Eastep
acefd0a75b Improvements to interfaces manpages
- Indicate when 'routefilter' cannot be used.
- Clarify use of 'sfilter'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 06:44:07 -07:00
Tom Eastep
79348d2b55 Correct manpages: filter->sfilter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-10 06:04:45 -07:00
Tom Eastep
d6ebdd3cb7 Fix tcrules manapges WRT source/dest ports
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-08 09:03:08 -07:00
Tom Eastep
254e1ed784 Add 'I' STATE to secmarks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-02 11:43:55 -07:00
Tom Eastep
561d461a25 Add 'NI' STATE setting in secmarks.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-02 10:06:27 -07:00
Tom Eastep
a71136fd5a Rework configuration files for Shorewall and Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-29 14:34:18 -07:00
Tom Eastep
3dcc90e4de Delete IPSET_SAVE from shorewall6.conf manpage 2011-05-28 19:58:57 -07:00
Tom Eastep
b05ed0a67d Add MACLIST_* to shorewall6.conf manpage 2011-05-28 19:56:09 -07:00
Tom Eastep
6d3640dafc Alphabetize config files and sync files and manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-28 10:34:54 -07:00
Tom Eastep
dbc21b87fe Correct wording in release notes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-28 05:52:49 -07:00
Tom Eastep
0287d96aa2 Finish filtering implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-26 13:38:44 -07:00
Tom Eastep
2f288a83c8 Document -T
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 11:39:52 -07:00
Tom Eastep
ee98772349 Add -c to the start command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 09:13:02 -07:00
Tom Eastep
485a7fb29d Implement 'restart -c'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-23 06:39:26 -07:00
Tom Eastep
5d04c93a16 Implement LEGACY_FASTSTART option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 15:36:29 -07:00
Tom Eastep
99cb09bd84 Documentation update 1 for AUDIT supportttt
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-21 16:25:38 -07:00
Tom Eastep
d15475efae Cleanup of AUDIT before Beta 3
- Correct merge snafus
- Rename the new actions (e.g., ADROP->A_DROP)
- Correct MACLIST_DISPOSITION logic
2011-05-20 07:47:35 -07:00
Tom Eastep
e940f5018e Implement whitelisting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-18 08:30:01 -07:00
Tom Eastep
8ec33cd6dd Update accounting documentation 2011-05-17 18:35:28 -07:00