Tom Eastep
|
ce28c70c60
|
SNAT and DNAT support for IPv6.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-19 07:08:08 -08:00 |
|
Tom Eastep
|
010c44d07a
|
Correct description of the 'sourceroute' interface option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-18 11:33:19 -08:00 |
|
Tom Eastep
|
e486c16513
|
Correct all configpath files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-14 15:10:21 -08:00 |
|
Tom Eastep
|
f44becdee1
|
Rename BLACKLIST_LOGLEVEL to BLACKLIST_LOG_LEVEL for consistent naming.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-12 07:47:02 -08:00 |
|
Tom Eastep
|
aae6e001fe
|
Convert dropInvalid and allowInvalid to inline actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-07 11:21:13 -08:00 |
|
Tom Eastep
|
aa528dd075
|
Revert "Convert allowInvalid and dropInvalid into macros"
This reverts commit 272e1d330c .
|
2013-02-07 09:09:56 -08:00 |
|
Tom Eastep
|
272e1d330c
|
Convert allowInvalid and dropInvalid into macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-06 09:54:12 -08:00 |
|
Tom Eastep
|
61c219ed3a
|
Clarify the CHAIN column in the accounting manpage. Also mention ipset support.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-03 08:00:24 -08:00 |
|
Tom Eastep
|
0616dd9fcb
|
Add 'New' action for conntrack state NEW
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-02 09:33:24 -08:00 |
|
Tom Eastep
|
c68d4c6e27
|
Simplify Perl from actions even further.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-01 15:55:39 -08:00 |
|
Tom Eastep
|
9f82d82a92
|
Update Shorewall6 actions.std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-01 12:59:24 -08:00 |
|
Evangelos Foutras
|
c9247c8074
|
Remove Arch Linux init file
Arch Linux only supports systemd now.
Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-02-01 10:13:54 -08:00 |
|
Tom Eastep
|
f407068d20
|
Update shorewall[6]-actions(5) regarding inline for some standard actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-30 08:27:30 -08:00 |
|
Tom Eastep
|
fc73c3934b
|
Replace BLACKLISTNEWONLY with BLACKLIST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-30 08:00:47 -08:00 |
|
Tom Eastep
|
6b889e537f
|
Correct typo in the actions.std files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-28 12:07:04 -08:00 |
|
Tom Eastep
|
519861d7b2
|
Add CONTINUE as a possible setting for RELATED_DISPOSITION.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-28 07:58:03 -08:00 |
|
Tom Eastep
|
f7bdb71aad
|
Add an Established action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-27 15:40:53 -08:00 |
|
Tom Eastep
|
69b660ba56
|
Add Related and Untracked actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-26 09:45:16 -08:00 |
|
Tom Eastep
|
c958329d14
|
More manpage updates for RELATED and UNTRACKED rules sections.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-24 19:24:01 -08:00 |
|
Tom Eastep
|
575673a8f5
|
Correct broken links in the .conf manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-24 15:42:20 -08:00 |
|
Tom Eastep
|
6403f4959d
|
Implement UNTRACKED SECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-24 15:42:01 -08:00 |
|
Tom Eastep
|
c2bc74cdfe
|
Add INVALID section to the rules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-24 08:33:59 -08:00 |
|
Tom Eastep
|
a03e793907
|
Added OUT-BANDWIDTH to the tcinterfaces column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-22 16:33:57 -08:00 |
|
Tom Eastep
|
17eae4adee
|
Update the description of BLACKLISTNEWONLY to match the implementation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-22 09:11:15 -08:00 |
|
Tom Eastep
|
b5cb27e84e
|
Correct .service files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-20 15:15:46 -08:00 |
|
Tom Eastep
|
89a09f0256
|
Implement DEFER_DNS_RESOLUTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-13 17:00:14 -08:00 |
|
Tom Eastep
|
f41b2fbffc
|
Clarify the LENGTH column of the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-09 16:22:38 -08:00 |
|
Tom Eastep
|
414a74d23c
|
Support protocol lists in most files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-07 16:06:54 -08:00 |
|
Tom Eastep
|
d4c9885c09
|
Change interpretation of the log tag when LOGTAGONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-01-06 13:10:18 -08:00 |
|
Tom Eastep
|
f955abe18b
|
Unify IPv4 and IPv6 modules.xtables files
- only difference now is xt_ipp2p
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
|
2013-01-01 08:44:36 -08:00 |
|
Tom Eastep
|
25b2341ecf
|
Add sch_fq_codel to modules.tc
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
|
2013-01-01 08:29:41 -08:00 |
|
Tom Eastep
|
4590e25052
|
Correct modules.xtables
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
|
2012-12-31 08:54:32 -08:00 |
|
Tom Eastep
|
115081dda5
|
Tweak fq_codel documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-29 11:20:16 -08:00 |
|
Tom Eastep
|
6d9cca1cff
|
fq_codel
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-29 10:58:11 -08:00 |
|
Tom Eastep
|
ebe4267c49
|
Rename IGNOREOLDCAPVERSIONS to WARNOLDCAPVERSION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-27 09:58:45 -08:00 |
|
Tom Eastep
|
f96bc7cc2d
|
Cosmetic cleanup of the .conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-27 09:01:37 -08:00 |
|
Tom Eastep
|
8bb6f81dc5
|
Rename IGNOREOLDCAPS to IGNOREOLDCAPVERSIONS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-27 08:54:22 -08:00 |
|
Tom Eastep
|
01a8ff20d4
|
Add the xtables modules to modules.xtables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-26 16:06:54 -08:00 |
|
Tom Eastep
|
ef0102e9f1
|
Add the 'IGNOREOLDCAPS' option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-26 15:48:08 -08:00 |
|
Tom Eastep
|
4d2379f542
|
Implement update -D
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-23 10:50:31 -08:00 |
|
Tom Eastep
|
c9eccaf3b8
|
Implement ?COMMENT directive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-23 10:49:32 -08:00 |
|
Tom Eastep
|
96b61ea05c
|
Update documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-21 16:13:23 -08:00 |
|
Tom Eastep
|
dbd55acba2
|
Update samples, standard Actions and Macros to use ?FORMAT
|
2012-12-21 15:51:14 -08:00 |
|
Tom Eastep
|
1cbeaa6a9f
|
Apply Tuomo Soini's tabs patches for the rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-13 09:26:09 -08:00 |
|
Tom Eastep
|
8a0abab4cc
|
Rename 'ALLOWUNKNOWNVARIABLES' to 'IGNOREUNKNOWNVARIABLES'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-12 11:51:31 -08:00 |
|
Tom Eastep
|
88d4814209
|
Merge branch '4.5.10'
Conflicts:
Shorewall/Perl/Shorewall/Config.pm
|
2012-12-08 20:54:33 -08:00 |
|
Tom Eastep
|
4d064d6713
|
Replace spaces with tabs in rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-07 16:48:55 -08:00 |
|
Tom Eastep
|
56d7b6248b
|
Begin Action Documentaiton Update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-05 19:07:42 -08:00 |
|
Tom Eastep
|
02cbd72a91
|
Merge branch '4.5.10'
|
2012-12-04 10:56:09 -08:00 |
|
Tom Eastep
|
60012d1208
|
Add additional space for the OPTIONS column
- actions and actions.std problem
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-04 10:54:32 -08:00 |
|
Tom Eastep
|
903e25a91a
|
Add ALLOWUNKNOWNVARIABLES to the sample configurations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-04 09:04:34 -08:00 |
|
Tom Eastep
|
8f1e8bf475
|
Add 'ALLOWUNKNOWNVARIABLES' to the manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-04 08:50:23 -08:00 |
|
Tom Eastep
|
cd5e9be467
|
Carefully suppress duplicate rules in all tables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-02 12:20:24 -08:00 |
|
Tom Eastep
|
cc657e571d
|
Update action templates with new columns.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-01 10:25:10 -08:00 |
|
Tom Eastep
|
f358a78eca
|
Revise the description of 'noinline' to match the changed implementation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-01 09:33:38 -08:00 |
|
Tom Eastep
|
8cbe26e32c
|
Ignore 'inline' for certain actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-12-01 07:54:42 -08:00 |
|
Tom Eastep
|
15121e0743
|
Also substitute the chain name for '@0' in SWITCH names.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-29 08:05:49 -08:00 |
|
Tom Eastep
|
9c0d8a2533
|
Use '@{0}' as the chain name surrogate in SWITCH columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-29 07:17:13 -08:00 |
|
Tom Eastep
|
bff91cd325
|
Allow overriding 'inline' on some standard actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-28 15:03:08 -08:00 |
|
Tom Eastep
|
8006d150f1
|
Allow switch initialization.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-27 16:17:43 -08:00 |
|
Tom Eastep
|
d7096ae52e
|
Back out default-action macros and document in-line actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-27 10:53:18 -08:00 |
|
Tom Eastep
|
6bf996d4b8
|
Implement inline actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-27 10:32:48 -08:00 |
|
Tom Eastep
|
7673b1ac4b
|
Support multiple parameters in macros.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-26 11:04:19 -08:00 |
|
Tom Eastep
|
fc87576005
|
Back out silly change for output interfaces in the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-26 09:47:42 -08:00 |
|
Tom Eastep
|
21c2963691
|
Correct Format-3 syntax for the SOURCE column of the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-26 07:48:43 -08:00 |
|
Tom Eastep
|
fb3194d96b
|
Correct handling of default-action macro when specified as "macro.Name"
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 10:16:43 -08:00 |
|
Tom Eastep
|
629717f7cc
|
Correct policy manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 09:33:46 -08:00 |
|
Tom Eastep
|
8c2db40783
|
Correct errors in the conntrack manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 08:52:51 -08:00 |
|
Tom Eastep
|
dbfc805707
|
Add 'IU' state in secmarks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-25 08:10:53 -08:00 |
|
Tom Eastep
|
748d532175
|
Correct the explaination of ULOG and NFLOG in the manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-24 09:11:28 -08:00 |
|
Tom Eastep
|
30de211bda
|
Implement format-3 conntrack files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 20:56:56 -08:00 |
|
Tom Eastep
|
47ef3db53c
|
Add SWITCH column to sample IPv6 conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 09:10:30 -08:00 |
|
Tom Eastep
|
8a744de906
|
Document semantic change to 'all' handling in the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 09:10:07 -08:00 |
|
Tom Eastep
|
059095e366
|
Corrected shorewall6-rules(8)
- delete A_ACCEPT+
- correct a typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 09:09:35 -08:00 |
|
Tom Eastep
|
df7ce1a7d1
|
Add the AUDIT built-in and delete the Audit action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-22 08:24:33 -08:00 |
|
Tom Eastep
|
3040156981
|
Add SWITCH column to the conntrack file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 14:20:56 -08:00 |
|
Tom Eastep
|
952aed225d
|
Improve handling of 'all' in the conntrack file.
- Also added 'all-' to represent all off-firewall zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 13:07:01 -08:00 |
|
Tom Eastep
|
7bfbf522bc
|
Document that parameters are allowed in default actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-21 11:12:55 -08:00 |
|
Tom Eastep
|
3b20c0db54
|
Allow Macros to be used as Default Actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 16:52:10 -08:00 |
|
Tom Eastep
|
be587726f4
|
Merge branch '4.5.9'
|
2012-11-19 08:22:05 -08:00 |
|
Tom Eastep
|
60a509c926
|
Add new macros and alphabetize the ACTION list in the rules manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-19 08:19:12 -08:00 |
|
Tom Eastep
|
37779038da
|
More expunging of USE_ACTIONS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 20:54:24 -08:00 |
|
Tom Eastep
|
9dac330756
|
Remove references to USE_ACTIONS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 13:13:20 -08:00 |
|
Tom Eastep
|
dfd02c932e
|
Correct typo in shorewall(8) and shorewall6(8).
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 13:12:03 -08:00 |
|
Tom Eastep
|
c6ffdd67e2
|
Add DROP target to the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 11:35:40 -08:00 |
|
Tom Eastep
|
5265cd5bb7
|
Add UNTRACKED match to the secmarks file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 11:01:49 -08:00 |
|
Tom Eastep
|
ab381ed95e
|
Expand the description of enable/disable on optional non-provider interfaces.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 09:01:38 -08:00 |
|
Tom Eastep
|
0277d6628e
|
Correct typo in shorewall(8) and shorewall6(8).
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-18 08:30:47 -08:00 |
|
Tom Eastep
|
a2b14c37ed
|
Treat optional interfaces as pseudo-providers.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-11-16 09:48:21 -08:00 |
|
Tom Eastep
|
86ae74005a
|
Correct invalid information in shorewall[6]-tcclasses.
- Delete part about an interface only appearing once.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-29 12:46:58 -07:00 |
|
Tom Eastep
|
e908473d29
|
Clean up description of CHECKSUM in the manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-26 11:22:54 -07:00 |
|
Tom Eastep
|
e177916c12
|
Implement statistical marking in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-26 07:10:26 -07:00 |
|
Tom Eastep
|
0387b16983
|
Implement CHECKSUM action in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-22 15:42:13 -07:00 |
|
Tom Eastep
|
f24e194819
|
Don't display chains with no matched entries when -b
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-22 14:15:37 -07:00 |
|
Paul Gear
|
cf68379c4c
|
Document brief option for show command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-20 07:11:56 -07:00 |
|
Paul Gear
|
6c06302d2a
|
Make formatting of interface options consistent
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-20 07:11:48 -07:00 |
|
Tom Eastep
|
cc90a06958
|
Add RESTORE_ROUTEMARKS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-11 07:34:57 -07:00 |
|
Tom Eastep
|
1195661264
|
Document new Dynamic Zone implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-07 12:20:36 -07:00 |
|
Tom Eastep
|
92d39dc56d
|
Expunge the g_perllib variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-01 06:59:39 -07:00 |
|
Tom Eastep
|
a8e9296473
|
Expunge the g_sbindir variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2012-10-01 06:55:48 -07:00 |
|