Commit Graph

14675 Commits

Author SHA1 Message Date
Tom Eastep
92133e5a6b
Default-action lists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 10:11:48 -08:00
Tom Eastep
686ca9d3a3
Allow builtin actions in xxx_DEFAULT settings.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-05 15:21:57 -08:00
Tom Eastep
e45b96ca20
Update blacklisting article:
- ipset-based blacklisting
- BLACKLIST policy and action

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-26 13:17:11 -08:00
Matt Darfeuille
eac2639684
core: Correct the path being displayed for the CLI
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-24 16:19:08 -08:00
Tom Eastep
70a395892f
Make BLACKLIST work correctly in the blrules file
- Add the 'section' action option

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 15:03:02 -08:00
Tom Eastep
d2d11df4f6
Make action.BLACKLIST behave correctly in the blrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 13:35:10 -08:00
Tom Eastep
b985654600
Correct typo in heading of Reject and Drop actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 11:54:40 -08:00
Tom Eastep
62ff6d3fa5
Remove obsolete macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 09:26:19 -08:00
Tom Eastep
2bbb5c8c1e
Add hack to distinguish between the BLACKLIST macro and action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 09:23:26 -08:00
Tom Eastep
33b4ee4d31
Don't quote variable values in ERROR/WARNING/INFO directives
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 09:00:18 -08:00
Tom Eastep
889ca756a1
Document @action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 08:58:42 -08:00
Tom Eastep
d111e4f186
Handle built-in actions in 'show action'
- Remove a couple of non-actions from IPv4 actions.std

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-22 15:40:36 -08:00
Tom Eastep
634c8debda
Use ?REQUIRE in several actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-22 14:59:37 -08:00
Tom Eastep
71dd5d016b
Add ?REQUIRE compiler directive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-22 14:48:18 -08:00
Tom Eastep
6b408869d2
Correct the synopsis in two action files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-22 11:47:12 -08:00
Tom Eastep
edf08bf408
Cosmetic change in compiler()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-21 19:47:50 -08:00
Tom Eastep
4a01e910ff
Delete unused iptablesbug() function
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-21 14:42:24 -08:00
Tom Eastep
2a010f827b
Add 'show action' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-19 15:58:18 -08:00
Tom Eastep
9c3a82f628
Add BLACKLIST action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-19 14:08:15 -08:00
Tom Eastep
e6933f4c8d
Add BLACKLIST policy
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-18 10:55:15 -08:00
Tom Eastep
cc3b8793e0
Make BALANCE_PROVIDERS default the setting of USE_DEFAULT_RT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-17 15:02:16 -08:00
Tom Eastep
ac5fd195ec
Correct provider/routefilter check wrt optional interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-17 09:34:13 -08:00
Tom Eastep
45b9ddf188
Add BALANCE_PROVIDERS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-17 08:58:09 -08:00
Tom Eastep
2d16fac9ed
Revert "Implement USE_DEFAULT_RT=Exact"
This reverts commit 2ca1ae734a.
2017-01-17 08:25:33 -08:00
Tom Eastep
f23970b4f7
Include LOG_MARTIANS in test for setting log_martians with routefilter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-14 13:03:24 -08:00
Tom Eastep
04112647d3
Correct provider/routefilter checking
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-14 12:40:39 -08:00
Tom Eastep
2ca1ae734a
Implement USE_DEFAULT_RT=Exact
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-14 08:14:08 -08:00
Tom Eastep
b36b07b567
Correct 'show macros'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-12 08:35:03 -08:00
Tom Eastep
64c249a174
Set logmartians along with routefilter.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-11 15:53:55 -08:00
Tom Eastep
0019ca53e5
Include ROUTE_FILTER in routefilter/provider checks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-11 15:39:13 -08:00
Tom Eastep
0d2a5089a9
Merge branch '5.1.0' 2017-01-11 12:29:57 -08:00
Tom Eastep
50d09e76cb
Catch 'routefilter' with provider interfaces.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-11 11:47:10 -08:00
Tom Eastep
73772efb85
Correct typo in shorewall-interfaces(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-11 11:20:07 -08:00
Tom Eastep
568f461763
Propogate PAGER to -lite systems
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-11 11:18:57 -08:00
Tom Eastep
f12b78d518
Correct Shorewall6-lite .service file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-10 09:55:16 -08:00
Tom Eastep
a15b2918a4
Remove ipsec-tools/Racoon config info from the IPSEC-2.6 Article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-08 13:32:34 -08:00
Tom Eastep
cb150f9c09
Allow compact IPv6 addresses in IP6TABLES() rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-07 10:01:03 -08:00
Tom Eastep
19ce2093d8
Correct splitting of IP(6)TABLES options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-07 10:00:37 -08:00
Tom Eastep
b8c322a05f
Ignore SUBSYSLOCK when $SERVICEDIR is non-empty
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-06 15:50:26 -08:00
Tom Eastep
f68d3fd9fa
Revert "Remove SUBSYSLOCK"
This reverts commit 386b137e9b.
2017-01-06 09:49:40 -08:00
Tom Eastep
386b137e9b
Remove SUBSYSLOCK
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-05 10:03:03 -08:00
Tom Eastep
ce68f84d9d
Remove Makefile from Shorewall[6][-lite]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-05 08:22:02 -08:00
Tom Eastep
5aed31d37a
Restore SUBSYSLOCK setting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-04 19:39:08 -08:00
Tom Eastep
0b3d1b1d36
Revert code that assumed no CLI symlinks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-04 17:12:20 -08:00
Tom Eastep
6be89b4e2d
Add command correspondence to shorewall(8)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-02 13:40:32 -08:00
Tom Eastep
75a9e45caf
Documentation cleanup
- Update Copyright years
- Tweaks to the Anatomy article

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-02 09:17:59 -08:00
Tom Eastep
2f9ef4dda7
Update kernel module files
- Include additional nat modules

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-30 10:56:16 -08:00
Tom Eastep
26f181ef2a
Add SERVICEDIR to the init file paragraph titles
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-29 14:28:46 -08:00
Tom Eastep
b0ea9db0bd
Update the Anatomy article for 5.1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-28 11:28:09 -08:00
Tom Eastep
7a3865bcfc
Eliminate duplicate id tags in the Anatomy article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-12-28 11:24:30 -08:00