teastep
1e763c24d9
Many changes to make non-root compile possible
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3336 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-20 23:34:19 +00:00
teastep
252f8b47ec
Make policy match detection work on kernel 2.6.16/iptables 1.3.4
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3328 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-20 15:03:35 +00:00
teastep
4bebbdad3b
Really implement 'stop' in the generated script
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3309 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-17 20:03:00 +00:00
teastep
49fbc960c0
Retreat
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3305 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-16 23:15:51 +00:00
teastep
bc27bc935f
Some hacking on '-p' -- still not ready for prime time
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3302 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-16 21:29:00 +00:00
teastep
01e38957e0
Update versions from 3.0 to 3.2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3297 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-16 15:15:43 +00:00
teastep
9325925aef
Merge Fabio Longerai's LENGTH patch
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3296 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-15 22:54:12 +00:00
teastep
bb8920962b
Improve some error messages
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3289 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-15 02:19:04 +00:00
teastep
b027081e5b
Add error checking to compiled scripts
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3283 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-14 18:35:50 +00:00
teastep
d1f17dbf98
replace 'generate' by 'compile' as COMMAND value
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3280 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-14 00:08:45 +00:00
teastep
ec9c3d3db9
Allow DETECT_DNAT_IPADDRS=Yes with -e
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3279 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-14 00:04:00 +00:00
teastep
25e02e273f
Allow BROADCAST = detect with -e
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3277 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-13 19:29:23 +00:00
teastep
71bec3c0b1
Clean up remote compilation
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3271 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-12 23:45:33 +00:00
teastep
e9423d9c04
Allow remote compiles
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3269 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-12 23:26:37 +00:00
teastep
51d9e2aeec
First set of changes to allow compilation on a different system
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3266 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-12 18:21:16 +00:00
teastep
ee3a9a9456
Add extra-quiet mode using -qq
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3262 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-09 17:11:30 +00:00
teastep
d81f2ca29e
First releast of 'shorewall generate'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3237 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-07 01:08:23 +00:00
teastep
d145351222
Preparation for 'generate' command
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3236 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-06 23:02:55 +00:00
teastep
08993cfe08
Stop whining about ipt_owner messages under kernel 2.6.14
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2939 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-31 21:06:01 +00:00
teastep
609dc4d82b
Remove Extended mark detection and reporting
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2924 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-24 22:35:05 +00:00
teastep
7630bace28
Remove ROUTE target detections/reporting
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2923 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-24 19:43:53 +00:00
teastep
508ee203e5
detect ClASSIFY target support
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2808 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-05 23:22:39 +00:00
teastep
47a34926f4
Better diagnostics when IPP2P match is missing
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2784 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 16:20:30 +00:00
teastep
84af786df4
Add capabilities report to 'shorewall dump' output
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2758 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-30 16:54:24 +00:00
teastep
1d763c84df
Fix param handling in restore-base
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2654 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-09 16:52:10 +00:00
teastep
819e9dd38f
Add SHOREWALL_LIBRARY global variable
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2649 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-08 22:30:32 +00:00
teastep
738b45ad9e
Update the version number to 3.0 in all files
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-31 15:27:22 +00:00
teastep
f9f3fadd56
Add find_interface_by_mac()
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2516 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-17 20:07:47 +00:00
teastep
ac1983a5da
Large cleanup patch from Tuomo Soini
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-02 16:46:30 +00:00
teastep
3f748212d6
Globalize shorewall_is_started()
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2443 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-01 20:35:28 +00:00
teastep
c66159abee
capitalize 'terminator' variable; duplicate PREROUTING connmark logic in OUTPUT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2441 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-01 17:17:24 +00:00
teastep
c7cb64e4ee
Make a couple of more warnings more emphatic
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2438 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-31 17:15:37 +00:00
teastep
54a5a111a6
Make separate_list handle enclosures in a more general way
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2437 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-31 17:12:04 +00:00
teastep
9feb547b6e
/sbin/shorewall status rework -- take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2430 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-29 18:32:50 +00:00
teastep
6c8b63bfe0
Remove dependence on 'which'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2421 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-27 20:30:16 +00:00
teastep
b66929a65e
Large merge of function from EXPERIMENTAL to HEAD.
...
1) Elimination of the "shorewall monitor" command.
2) The /etc/shorewall/ipsec and /etc/shorewall/zones file are combined into
a single /etc/shorewall/zones file. This is done in an upwardly-compatible
way so that current users can continue to use their existing files.
3) Support has been added for the arp_ignore interface option.
4) DROPINVALID has been removed from shorewall.conf. Behavior is as if
DROPINVALID=No was specified.
5) The 'nobogons' option and BOGON_LOG_LEVEL are removed.
6) Error and warning messages have been made easier to spot by using
capitalization (e.g., ERROR: and WARNING:).
7) The /etc/shorewall/policy file now contains a new connection policy and a
policy for ESTABLISHED packets. Useful for users of snort-inline who want to
pass all packets to the QUEUE target.
8) A new 'critical' option has been added to /etc/shorewall/routestopped.
Shorewall insures communication between the firewall and 'critical' hosts
throughout start, restart, stop and clear. Useful for diskless firewall's
with NFS-mounted file systems, LDAP servers, Crossbow, etc.
9) Macros. Macros are very similar to actions but are easier to use, allow
parameter substitution and are more efficient. Almost all of the standard
actions have been converted to macros in the EXPERIMENTAL branch.
10) The default value of ADD_IP_ALIASES in shorewall.conf is changed to No.
11) If you have 'make' installed on your firewall, then when you use
the '-f' option to 'shorewall start' (as happens when you reboot),
if your /etc/shorewall/ directory contains files that were modified
after Shorewall was last restarted then Shorewall is started using
the config files rather than using the saved configuration.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2409 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-25 23:08:09 +00:00
paulgear
4f8bbb5866
Copy latest development version from Shorewall2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2269 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 06:13:05 +00:00
paulgear
2a19eb8a5a
Copy latest 2.4 version from Shorewall2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2264 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:55:29 +00:00
paulgear
90dd62e89e
Copy latest 2.2 version from STABLE2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2263 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:45:05 +00:00
paulgear
921a7223d4
Copy latest 2.0 code from STABLE2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2262 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 04:45:32 +00:00
teastep
f046ea3ab1
Fix route filtering
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@782 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-30 15:42:45 +00:00
teastep
5448a9cc38
Expand chain naming
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@777 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-25 00:54:01 +00:00
teastep
bb20363bb2
Fix for IPV6 addresses and the 'ip' utility
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@735 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-28 18:02:59 +00:00
teastep
05c0c27012
Fix adding range of aliases
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@734 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-27 19:53:02 +00:00
teastep
afbe79977e
Fix adding range of aliases
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@732 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-27 15:13:03 +00:00
teastep
41de5afd06
Decommit per-interface dynamic blacklisting; warnings on 'unclean' dependencies
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@726 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-24 01:24:23 +00:00
teastep
3ee26da51c
Henry Yang's patch plus fix LOGRATE/ratelimit conflict on rules file logging
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@723 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-22 15:27:08 +00:00
teastep
510a35b46c
Allow chains with IP addresses as names -- improved version
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@722 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-21 14:48:49 +00:00
teastep
90b5b607a6
Allow chains with IP addresses as names
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@721 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-21 13:18:51 +00:00
teastep
61ba5353e5
Simplify ip_broadcast()
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@689 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-07 17:31:47 +00:00