Commit Graph

1336 Commits

Author SHA1 Message Date
Tom Eastep
cb7ab3908a
SOURCE/DEST changes in the mangle manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-11 14:06:59 -08:00
Tom Eastep
b4d42507b2
Another SOURCE/DEST manpage change.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-10 16:22:47 -08:00
Tom Eastep
094ccbf978
Merge branch '5.0.15' 2016-12-10 15:07:31 -08:00
Michele Baldessari
036a6e5a83
Add an IPv6 bidirectional mDNS macro
Add the missing corresponding IPv6 bidirectional mDNSbi macro.

Closes-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1295844

Signed-off-by: Michele Baldessari <michele@acksyn.org>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-10 14:44:10 -08:00
Tom Eastep
b756c63b1e
More SOURCE/DEST manpage updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-10 14:41:08 -08:00
Tom Eastep
eea9882953
Implement CPU Fanout for NFQUEUE.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-09 10:46:39 -08:00
Tom Eastep
192486eb0a
Bring shorewall6-actions(5) up to date
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-09 09:47:14 -08:00
Tom Eastep
6a43dd1564
Bring shorewall6-actions(5) up to date
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-09 09:46:29 -08:00
Tom Eastep
5ea3334a66
Support a richer SOURCE and DEST syntax
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-09 09:43:10 -08:00
Tom Eastep
77e83f0afd
Eliminate the CHAIN_SCRIPTS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-29 16:33:23 -08:00
Tom Eastep
a45fe692cc
Add a SWITCH column to the mangle files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-29 16:13:44 -08:00
Tom Eastep
799b17210c
Enhanced syntax for SOURCE and DEST columns in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-25 15:10:14 -08:00
Tom Eastep
01306e1230
Try another approach to the RCP_/RSH_COMMAND formatting issue
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-23 14:48:28 -08:00
Tom Eastep
fbbcc812a1
Remove archaic LAST LINE comments from sample .conf files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-23 14:17:28 -08:00
Tom Eastep
87870ac46e
Clean up formatting of the RCP_/RSH_COMMAND manpage descriptions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-23 14:08:13 -08:00
Tom Eastep
414c5c7b0c
Change default shorewall6.conf settings.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-22 09:05:04 -08:00
Tom Eastep
875c352473
Unify the CLI
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-21 10:00:55 -08:00
Tom Eastep
8b99fe20b5
Pave the way for unifying the CLI
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-19 21:17:35 -08:00
Tom Eastep
137b051e52
Centralize setting of product-dependent g_* variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-19 17:17:03 -08:00
Tom Eastep
6095d05af9
Update manpages for 'update' improvements
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-07 13:50:11 -08:00
Tom Eastep
6e08717089
Formatting changes to snat files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-01 17:11:43 -07:00
Tom Eastep
3f68814a38
Disallow more than one address[-range] in SNAT rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-31 15:15:35 -07:00
Tom Eastep
46c8147521
Deprecate INLINE_MATCHES=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-27 13:55:11 -07:00
Tom Eastep
0e7d5f3972
Support '+' in SNAT action invocation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-18 16:00:36 -07:00
Tom Eastep
5b5f91f75f
SNAT option documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-18 15:32:22 -07:00
Tom Eastep
f3dd77a3f1
Merge branch '5.0.13' 2016-10-16 16:36:08 -07:00
Tom Eastep
2c191bf595
Correct .conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-16 15:07:34 -07:00
Tom Eastep
43fdddb438
Add 'snat' config file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-15 11:38:52 -07:00
Tom Eastep
28849e60cf
Correct example in the shorewall6-masq manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-14 15:55:36 -07:00
Tom Eastep
49fae96b09
Update the manpages for 'blacklist' verbosity
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-10 19:45:42 -07:00
Tom Eastep
3058f2fb84
Delete code supporting old kernel/iproute2 IPv6 restrictions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-07 11:02:36 -07:00
Tom Eastep
b5e7e41708
Correct NFQUEUE! manpage description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-07 05:50:24 -07:00
Tom Eastep
14e8568d9e
Add the FIREWALL .conf option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 15:03:54 -07:00
Tom Eastep
ca7ca4bdfe
Add a 'timeout' option to DYNAMIC_BLACKLIST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 12:56:47 -07:00
Tom Eastep
8d731c81e4
Add 'disconnect' option to ipset-based dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-04 09:09:45 -07:00
Tom Eastep
6ad7d47eb6
Correct DYNAMIC_BLACKLISTING documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-03 08:19:19 -07:00
Tom Eastep
ed48eed0c6
Change order of options in .conf files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-02 15:14:31 -07:00
Tom Eastep
97186e5402
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2016-10-02 14:04:02 -07:00
Roberto C. Sánchez
64ab43f14f
Fix typos 2016-10-02 17:01:46 -04:00
Tom Eastep
f989c2f5f6
Document 'persistent'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-30 11:34:57 -07:00
Tom Eastep
792b3b696c
Add ZERO_MARKS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-26 16:04:26 -07:00
Tom Eastep
ef4b1c2030
Add a TIME Columns section to the config file basics doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-22 15:45:18 -07:00
Tom Eastep
8065e62f12
Support for the 'contiguous' option in TIME columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-22 14:22:11 -07:00
Tom Eastep
e81a4788c6
Implement DEFAULT_PAGER in shorewallrc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-21 10:20:48 -07:00
Tom Eastep
8bb7c2363b
Support '+' after a zone list in the policy files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-10 10:06:38 -07:00
Tom Eastep
2c90a8bfb5
Allow zone lists in the SOURCE and DEST columns of the policy files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-10 08:47:48 -07:00
Tom Eastep
a05b957498
Corrections in the shorewall[6].conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-08-15 10:24:23 -07:00
Tom Eastep
0b9cd93769
Default DSCP rules to the POSTROUTING chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-07-27 13:59:15 -07:00
Tom Eastep
4a6338d857
Correct/complete Scott Sumate's LOGFILE enhancement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-07-15 14:25:02 -07:00
Roberto C. Sánchez
7c9876241c
Debian init scripts: add run-level 1 to Default-Stop specification 2016-07-04 17:37:00 -04:00
Roberto C. Sánchez
8b36c2c1cf
Debian init scripts: more accurately describe what action is being taken 2016-07-04 13:34:33 -04:00
Tom Eastep
e71fb3249a
Add 'dbl' interface option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-06-15 16:35:41 -07:00
Tom Eastep
4869f61a25
'allow' now works with ipset-based dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-06-09 08:44:25 -07:00
Tom Eastep
9b7088158b
Correct ipv6-route header number
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-05-10 07:12:01 -07:00
Tom Eastep
d4df67966d Turn on AUTOMAKE in the sample configurations
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-05-06 08:46:11 -07:00
Tom Eastep
590243a787 Add NFLOG as a supported mangle action
- Also document nflog-parameters
- Correct range of nflog groups

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-05-03 11:27:34 -07:00
Tom Eastep
b7de785396 Correct typo in manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-30 08:34:43 -07:00
Tom Eastep
24d40f4cc2 Add VERBOSE_MESSAGES option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-30 08:00:56 -07:00
Tom Eastep
71bd7a4647 Update the STARTUP_LOG description in shorewall[6].conf
- Update list of commands

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-19 07:49:37 -07:00
Tom Eastep
2b7ef0fe32 Update the tcclasses manpage to discuss fw mark filter priority
- Also correct default priorities for tos= and tcp-ack

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-18 09:18:48 -07:00
Tom Eastep
32f888a7d4 Add an ENVIRONMENT section to the CLI manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-15 15:41:55 -07:00
Tom Eastep
dbd42e1d5d More ipset fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-12 16:29:13 -07:00
Tom Eastep
deaaecdf1c Add 'nodbl' interface option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 16:09:39 -07:00
Tom Eastep
05e4049174 Ipset-based blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 16:07:56 -07:00
Tom Eastep
ef10515a42 Correct FASTACCEPT description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 07:20:45 -07:00
Tom Eastep
95e4071f34 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2016-04-06 07:42:46 -07:00
Tuomo Soini
20179a5c9d remove completely false README.txt
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-06 10:23:58 +03:00
Tom Eastep
54843c617d Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2016-04-05 11:46:42 -07:00
Tom Eastep
e9467326f3 Allow allow REJECT to take a parameter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-05 11:20:44 -07:00
Tuomo Soini
35bc0bd8ef lib.base: format to new headers
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:27:47 +03:00
Tuomo Soini
4034ebc270 modules.xtables: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
bd33bb7105 modules.tc: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
dbb23d8807 modules.ipset: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
5c4ee58f44 modules.extensions: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
bf8b519da6 modules.essential: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
724d430ba4 action.template: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tuomo Soini
11479b14f9 action.mangletemplate: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tuomo Soini
54eea167e5 action.Broadcast: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tuomo Soini
8d92d07352 action.AllowICMPs: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tuomo Soini
6122a1db19 action.A_AllowICMPs: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tom Eastep
9a7f6512a1 Delete IPv6 actions that duplicate IPv4 actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-04 15:58:39 -07:00
Tom Eastep
a96ee0ab9a Make IPv6 Auth default consistent with IPv4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-04 12:59:09 -07:00
Tom Eastep
81d76e3817 Document + in the MODULESDIR setting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-01 09:43:06 -07:00
Roberto C. Sánchez
899a317c95 Fix typos 2016-03-26 22:25:30 -04:00
Tom Eastep
273c89a753 Implement MARK and CONNMARK in the rules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-18 11:42:58 -07:00
Tom Eastep
0b5d59870b Remove embedded Perl from Shorewall6 Drop and Reject actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-16 15:07:59 -07:00
Tom Eastep
eed7692952 Document the state action option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-14 15:15:32 -07:00
Tom Eastep
3c544b20e6 Convert the state actions to use the 'state' action option
- Also avoid the CLI having to know about builtin actions

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-14 14:54:09 -07:00
Tom Eastep
95da427ea8 Update manpages for 'audit' actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-13 15:53:31 -07:00
Tom Eastep
ec9148637f Inline mangle actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-09 10:28:02 -08:00
Tom Eastep
1add0487f6 Document Mangle Actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-07 14:56:20 -08:00
Tom Eastep
d4e2508a90 Clarify USE_DEFAULT_RT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-04 14:26:42 -08:00
Tom Eastep
62880bdf1b Don't populate PAGER in the sample config files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 13:04:47 -08:00
Tom Eastep
90d254f0c3 Add PAGER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 08:32:49 -08:00
Tom Eastep
8a02624f05 Update copyrights in the install and uninstall scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-02-29 11:03:09 -08:00
Tom Eastep
7a9e9ad945 Decommit DOCKER=Yes in IPv6.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-02-21 12:03:41 -08:00
Tom Eastep
e66d9f6547 Add DOCKER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-02-19 17:42:54 -08:00
Tom Eastep
94cfe54f92 Allow routing tables with no default route
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-02-17 11:49:09 -08:00
Tuomo Soini
453244fe95 macro.Trcrt: update header
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-02-15 20:13:41 +02:00
Tuomo Soini
23baddab16 macro.Ping: update header
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-02-15 20:13:41 +02:00
Tuomo Soini
62fab6e20d macro.mDNS: update header
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-02-15 20:13:41 +02:00
Tuomo Soini
daa016d2a3 Shorewall[6]/Makefile: remove extra restore, shorewall does that automatically
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-02-12 18:17:46 +02:00
Tuomo Soini
660ae09f4f shorewall6/Makefile: rewrite the Makefile to match shorewall one
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-02-12 12:20:28 +02:00
Tom Eastep
9b3b4579a2 Change TRACK_RULES setting from Internal to File
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-24 16:15:36 -08:00
Tom Eastep
3e404b765f Make .ip[6]tables-restore-input comments conditional
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-23 17:04:52 -08:00
Matt Darfeuille
c85ced09af Corrected sysconfig files
Removed unnecessary lines in sysconfig files

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-19 09:25:37 -08:00
matt darfeuille
f1ed963077 Shorewall 5.0.4 Beta 2
Hi Tom,

Some unnecessary lines need to be removed from the sysconfig files.
I made some more changes to the init.openwrt.sh scripts(lite and
lite6)

Attached as sysconfig-lite.patch!

In order to be able to use the build50 script I had to make a few
changes(attached as build50.patch):

- Adding a variable BASEDIR (to build shorewall  in a subdirectory)
BASEDIR=$PWD
and doing:
$BASEDIR/annotate.pl
and so on ...

- Adding a variable
CYGWINSTYLESHEET
and modifying the script to use this new variable(added cygwin clause
in case statement)

- Adding a variable GITRELEASEDIR and modifying the lines around
624(to specify an other name for the release repo)
from
../release/
to
../$GITRELEASEDIR/

- Added line to remove unnecessary *.bak files

- Added an if statement if a subdirectory is used when patches are
created

question/request:
Would it be possible to use the build50 script without the '-t'
option?
That way only the packages would be built but the tarballs wouldn't
be created.

-Matt

On 12 Jan 2016 at 7:57, Tom Eastep wrote:

> Shorewall 5.0.4 Beta 2 is now available for download.
>
> New Feature since Beta 1:
>
> 1)  The mangle file now supports an DIVERTHA action that provides
>     support for HAProxy.
>
>     To setup the HAProxy transparent configuration described at
>
> http://www.loadbalancer.org/blog/setting-up-haproxy-with-transparent-mode-on-centos-6-x,
>     place this entry in shorewall-providers(5):
>
>
>     #NAME  NUMBER   MARK    DUPLICATE  INTERFACE GATEWAY   OPTIONS
>     TProxy 1        -       -          lo        -         tproxy
>
>     and use this DIVERTHA entry:
>
>     #ACTION         SOURCE          DEST            PROTO  ...
>     DIVERTHA        -               -               tcp
>
> Thank you for testing,
> -Tom
> --
> Tom Eastep        \ When I die, I want to go like my Grandfather who
> Shoreline,         \ died peacefully in his sleep. Not screaming like
> Washington, USA     \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>

-------------- Enclosure number 1 ----------------
>From ca4c854433e1c4c5870ea3e71225e5df8da4e255 Mon Sep 17 00:00:00 2001
From: Matt Darfeuille <matdarf@gmail.com>
Date: Wed, 13 Jan 2016 21:28:47 +0100
Subject: [PATCH 1/2] Modified lite and lite6.init.openwrt.sh

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-14 16:36:21 -08:00
Tom Eastep
12513e24a3 Revert "Implement dynamic actions"
This reverts commit 8075ba719a.
2016-01-13 11:04:41 -08:00
Tom Eastep
8075ba719a Implement dynamic actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-13 09:33:38 -08:00
Tom Eastep
3828eb856b Rename HADIVERT to DIVERTHA
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-08 15:36:10 -08:00
Tom Eastep
e29e2d117d Documentation updates
- update LSM section of the Multi-ISP article
- Correct formatting of HAPROXY examples

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-08 08:33:42 -08:00
Tom Eastep
ad2f20b824 Finish HAProxy support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-06 09:12:33 -08:00
Tom Eastep
ee6a1dadbb Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2016-01-05 10:48:48 -08:00
Tuomo Soini
da93669245 Revert "shorewall6*.service: make sure shorewall and shorewall6 won't start at same time"
This reverts commit ff821e57c2.

Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-01-05 20:18:25 +02:00
Tuomo Soini
ff821e57c2 shorewall6*.service: make sure shorewall and shorewall6 won't start at same time
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-01-05 12:04:46 +02:00
Tuomo Soini
c447ddd03e systemd service: rename pre214 systemd versions to pre214 and remove separeate 214 variants 2016-01-05 12:01:21 +02:00
Tom Eastep
0c66e5f1b2 More Openwrt support in Shorewall-init from Matt Darfeuille
- Also, various cleanup in install/uninstall scripts

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-04 15:45:21 -08:00
Tom Eastep
89d91d37a1 Add Shorewall-init installer support for OpenWRT
- Supply sysconfig files for all products

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-27 16:47:31 -08:00
Tom Eastep
c9f57ad9c9 Update manpages for ADD timeout
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-24 09:20:42 -08:00
Tom Eastep
4b893b2fd6 Install/uninstall fixes from Matt Darfeuille
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall-init/install.sh
2015-12-05 11:56:16 -08:00
Tom Eastep
8e7f001f7e Update manpages for column renaming
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-04 14:53:26 -08:00
Tom Eastep
46434e45b6 Change to IP_FORWARDING=keep in shorewall6.conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-02 11:28:04 -08:00
Tom Eastep
2c1786422e Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2015-11-28 09:04:46 -08:00
Tom Eastep
b087cee7f0 Redefine MODULESDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-28 08:36:12 -08:00
Tuomo Soini
948175124b accounting: there must be more room for ACTION, SOURCE, and DEST
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-27 22:33:03 +02:00
Tuomo Soini
b25a8e4b2d shorewall: use real field names in config file headers
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-16 18:16:17 +02:00
Tom Eastep
7b54e5e1a6 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2015-11-10 07:50:33 -08:00
Tuomo Soini
d0d34568d1 Shorewall6: reduce number of lines on config headers
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 23:09:37 +02:00
Tom Eastep
7fb00e0dfe Remove the routestopped files and their manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-09 07:28:46 -08:00
Tuomo Soini
f095e6f31d configfiles: unified configuration file formatting
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 10:24:20 +02:00
Tuomo Soini
8aefb3a998 Shorewall6: upgrade conntrack to ?VERSION 3
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 09:44:31 +02:00
Tuomo Soini
e74ff0ecd9 more cleanup to config files. 2015-11-02 00:03:38 +02:00
Tom Eastep
1c29240eb9 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2015-11-01 11:31:53 -08:00
Tom Eastep
3973cdf0da Merge branch '5.0.1' 2015-10-28 14:35:27 -07:00
Tuomo Soini
31cdd6dbcb Shorewall6/configfiles/stoppedrules: use standard description
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-28 10:48:48 +02:00
Tuomo Soini
8133de1695 Shorewall6/configfiles/conntrack: fix config file header to common format
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-27 22:08:38 +02:00
Tuomo Soini
74180f83b9 Shorewall6/configfiles: remove empty lines and fix blrules header to common format
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-27 22:04:49 +02:00
Tom Eastep
35b90c2709 Update documentation for 'remote-' vs. 'remote_'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-27 08:16:06 -07:00
Tom Eastep
69dd7ce0b9 Add 'persistent' provider option - Phase II
- Also allow the creation of 'persistent' routing rules and routes

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-25 16:45:11 -07:00
Tuomo Soini
8771041a63 shorewall6: remove version from restored
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-13 12:51:00 +03:00
Tuomo Soini
dc7082b7a1 shorewall[6]: remove version from shorewall6 and macros 2015-10-13 12:17:18 +03:00
Tom Eastep
a8e4671668 Remove version from config files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 15:02:50 -07:00
Tom Eastep
0dbe756e93 Manpage and Shorewall-5 changes for RESTART
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 13:49:24 -07:00
Tom Eastep
72d4637c22 Replace LEGACY_RESTART with RESTART
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 11:45:58 -07:00
Tom Eastep
bb538a7c10 Merge branch 'master' into 5.0.0
Conflicts:
	Shorewall-core/lib.common
	Shorewall-core/shorewallrc.debian.systemd
	Shorewall-lite/shorewall-lite.service.debian
	Shorewall/Perl/Shorewall/Chains.pm
	Shorewall/Perl/Shorewall/Compiler.pm
	Shorewall/Perl/Shorewall/Config.pm
	Shorewall/Perl/Shorewall/Misc.pm
	Shorewall/Perl/Shorewall/Raw.pm
	Shorewall/Perl/Shorewall/Tc.pm
	Shorewall/Perl/compiler.pl
	Shorewall/Perl/prog.footer
	Shorewall/lib.cli-std
	Shorewall/manpages/shorewall-mangle.xml
	Shorewall/manpages/shorewall.conf.xml
	Shorewall/manpages/shorewall.xml
	Shorewall/shorewall.service.debian
	Shorewall6-lite/shorewall6-lite.service.debian
	Shorewall6/manpages/shorewall6-mangle.xml
	Shorewall6/manpages/shorewall6.conf.xml
	Shorewall6/manpages/shorewall6.xml
	Shorewall6/shorewall6.service.debian
	docs/MultiISP.xml
	docs/Shorewall_Squid_Usage.xml
2015-10-12 10:55:36 -07:00
Tom Eastep
1db3bfb53e Manpage updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-10 13:19:41 -07:00
Tom Eastep
7dd9beeeae Remove FORMAT specifications from macros and actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-22 12:39:22 -07:00
Tom Eastep
1b2a43e5ea Merge branch '5.0.0' of ssh://git.code.sf.net/p/shorewall/code into 5.0.0 2015-09-12 12:31:45 -07:00
Tom Eastep
1b571f3d86 Correct the reset command
- Also allow chain names to be specified a la the refresh command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-11 14:16:16 -07:00
Tuomo Soini
53dfe442c1 systemd: add reload to unit files
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-09-10 14:15:16 +03:00