Commit Graph

251 Commits

Author SHA1 Message Date
Tom Eastep
27a0f0f7a0
Make TRACK_PROVIDERS=Yes the default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2018-01-10 08:46:01 -08:00
Tom Eastep
b42678269c
Revert "Add :syn to each TCP entry in the conntrack file"
This reverts commit f861f8da35.
2017-12-29 13:08:27 -08:00
Tom Eastep
f861f8da35
Add :syn to each TCP entry in the conntrack file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-12-29 12:38:58 -08:00
Tom Eastep
7289175070
Chop first config dir if non-root or if compiling for export.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-11-23 09:57:12 -08:00
Tom Eastep
90f33dd436
Eliminate MODULE_SUFFIX
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-08-23 12:48:14 -07:00
Tom Eastep
34e4fffd7d
Module suffix changes
- Re-order default list in the compiler to match lib.common
- MODULE_SUFFIX="ko ko.xz" in standard .conf files.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-08-21 12:44:23 -07:00
Tom Eastep
657215f9b5
Add sample enabled and disabled scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-08-03 12:50:49 -07:00
Tom Eastep
1301848315
Change .conf files to specify USE_NFLOG_SIZE=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-06-26 10:46:16 -07:00
Tom Eastep
ff2323b249
Add the USE_NFLOG_SIZE option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-06-25 16:54:14 -07:00
Tom Eastep
bb70a3637b
Add PERL_HASH_SEED option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-05-02 07:51:37 -07:00
Tom Eastep
02bb717d7d
Quote SMURF_LOG_LEVEL setting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-13 11:21:13 -07:00
Tom Eastep
24a014655b
Quote all _DEFAULT settings in the sample .conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-13 11:00:29 -07:00
Tom Eastep
3d8d5aa469
quote $LOG_LEVEL in shorewall[6].conf files
- Delete AllowICMPs from IPv4 policy action settings

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-08 14:16:24 -08:00
Tom Eastep
5a996cbda7
Change AllowICMPs to an inline action
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/actions.std
2017-03-07 13:56:44 -08:00
Tom Eastep
944888c04f
Handle broadcast and muticast separately
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-15 10:16:20 -08:00
Tom Eastep
48d301b2cf
Rename the policy LIMIT column to RATE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 10:17:43 -08:00
Tom Eastep
735919d8d3
Add LOG_LEVEL option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 09:52:55 -08:00
Tom Eastep
66a63a4da5
Fix instances of $LOGrmation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 08:33:56 -08:00
Tom Eastep
8c9fb501fd
Adjust .conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-11 13:41:28 -08:00
Tom Eastep
95ffada759
Change sample IPv4 default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 13:47:02 -08:00
Tom Eastep
e6933f4c8d
Add BLACKLIST policy
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-18 10:55:15 -08:00
Tom Eastep
45b9ddf188
Add BALANCE_PROVIDERS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-17 08:58:09 -08:00
Tom Eastep
2d16fac9ed
Revert "Implement USE_DEFAULT_RT=Exact"
This reverts commit 2ca1ae734a.
2017-01-17 08:25:33 -08:00
Tom Eastep
2ca1ae734a
Implement USE_DEFAULT_RT=Exact
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-14 08:14:08 -08:00
Tom Eastep
f68d3fd9fa
Revert "Remove SUBSYSLOCK"
This reverts commit 386b137e9b.
2017-01-06 09:49:40 -08:00
Tom Eastep
386b137e9b
Remove SUBSYSLOCK
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-05 10:03:03 -08:00
Tom Eastep
5aed31d37a
Restore SUBSYSLOCK setting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-04 19:39:08 -08:00
Tom Eastep
77e83f0afd
Eliminate the CHAIN_SCRIPTS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-29 16:33:23 -08:00
Tom Eastep
a45fe692cc
Add a SWITCH column to the mangle files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-29 16:13:44 -08:00
Tom Eastep
c561f8eb03
Default shorewall.conf changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-22 08:57:47 -08:00
Tom Eastep
6e08717089
Formatting changes to snat files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-11-01 17:11:43 -07:00
Tom Eastep
43fdddb438
Add 'snat' config file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-15 11:38:52 -07:00
Tom Eastep
14e8568d9e
Add the FIREWALL .conf option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-05 15:03:54 -07:00
Tom Eastep
ed48eed0c6
Change order of options in .conf files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-10-02 15:14:31 -07:00
Tom Eastep
792b3b696c
Add ZERO_MARKS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-26 16:04:26 -07:00
Tom Eastep
24d40f4cc2 Add VERBOSE_MESSAGES option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-30 08:00:56 -07:00
Tom Eastep
df1b1f6768 Add MINIUPNPD option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-01 08:57:08 -07:00
Tom Eastep
62880bdf1b Don't populate PAGER in the sample config files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 13:04:47 -08:00
Tom Eastep
90d254f0c3 Add PAGER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 08:32:49 -08:00
Tom Eastep
e66d9f6547 Add DOCKER option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-02-19 17:42:54 -08:00
Tom Eastep
98b4ab5ceb Add missing columns in the masq file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-03 19:51:21 -08:00
Tuomo Soini
948175124b accounting: there must be more room for ACTION, SOURCE, and DEST
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-27 22:33:03 +02:00
Tuomo Soini
b25a8e4b2d shorewall: use real field names in config file headers
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-16 18:16:17 +02:00
Tom Eastep
7b54e5e1a6 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2015-11-10 07:50:33 -08:00
Tuomo Soini
9460458fd5 Shorewall: reduce number of lines on config headers
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 23:04:00 +02:00
Tom Eastep
7fb00e0dfe Remove the routestopped files and their manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-09 07:28:46 -08:00
Tuomo Soini
e989fa1d49 configfiles/routestopped: add install path
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 10:27:07 +02:00
Tuomo Soini
f095e6f31d configfiles: unified configuration file formatting
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 10:24:20 +02:00
Tuomo Soini
0c481b4c30 shorewall: use consitent headers on config files
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-31 08:18:50 +02:00
Tuomo Soini
e987a11614 Shorewall/configfiles/stoppedrules: use standard description
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-28 10:48:27 +02:00