Commit Graph

1639 Commits

Author SHA1 Message Date
Tom Eastep
8115934adf More alternate-specification fixes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-09 07:05:08 -07:00
Tom Eastep
092da7ce67 Add proxyndp to 'pairs' documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-07 15:14:23 -07:00
Tom Eastep
109bed7037 Add proxyndp to 'pairs' documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-07 15:07:09 -07:00
Tom Eastep
835a056eb8 Implement BLACKLIST section in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 16:02:01 -07:00
Tom Eastep
0a5d5821ec Support additional forms of column/value pair specification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 11:45:55 -07:00
Tom Eastep
072f4752fc Get rid of minimum column requirement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 09:56:25 -07:00
Tom Eastep
5aa4534fbe Correct copyright date in the Shorewall Lite doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-29 07:20:01 -07:00
Tom Eastep
765ec27fbb Correct URL in the Documentation Index 2011-09-27 18:34:23 -07:00
Tom Eastep
a3d4edfd1f Reorganize Shorewall Lite docs 2011-09-27 18:13:57 -07:00
Tom Eastep
37da8b5808 Rename and refine Shorewall Lite doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-27 15:44:19 -07:00
Tom Eastep
11064202a5 Update features 2011-09-26 17:32:06 -07:00
Tom Eastep
2b7515f434 Refer manpage readers to the 'Pairs' information
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 10:16:52 -07:00
Tom Eastep
9a4dfc4394 Implement an alternate way of specifying column contents.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-25 17:08:53 -07:00
Tom Eastep
dbf5f17b41 More tweaks to switch implementation.
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 07:34:58 -07:00
Tom Eastep
12bfc14c5f More SWTICH changes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 14:44:20 -07:00
Tom Eastep
caddd65412 Rename condition->switch and add more documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 12:33:55 -07:00
Tom Eastep
cf80dc8858 Document OpenVZ brokenness on Squeeze 2011-09-21 19:27:38 -07:00
Tom Eastep
e894e15fa1 More netmap updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 08:28:04 -07:00
Tom Eastep
379d1d3201 Document how to use IPv6 netmap
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 10:56:11 -07:00
Tom Eastep
dd836507e0 Correct capitalization (SHARED->Shared)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-16 10:27:49 -07:00
Tom Eastep
551f93762d Correct two typos in the Proxy ARP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:46:50 -07:00
Tom Eastep
a16986ddc3 s /filter/sfilter/ in FAQ 17
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-05 17:24:42 -07:00
Tom Eastep
88e28775c9 Document SAFESTOP in FAQ 73.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-04 07:49:04 -07:00
Tom Eastep
678f6b4091 Add FAQ 97 about low TC outbound bandwidth
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-01 10:48:48 -07:00
Tom Eastep
d08ddd30ff Update copyright in Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-31 07:59:05 -07:00
Tom Eastep
8b67052e5d Add LXC.html to the documentation index and provide Graphic
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-31 07:49:43 -07:00
Tom Eastep
751094f408 Remove my email address from the LSM sample config 2011-08-31 07:07:25 -07:00
Tom Eastep
528f2b0aa2 Implement enable and disable commands for IPv4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-25 16:00:27 -07:00
Tom Eastep
0b2a8b12c7 Implement Stateless NAT support.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-14 12:01:17 -07:00
Tom Eastep
f49ae2762b Correct typos in Macros HOWTO
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-12 14:49:34 -07:00
Tom Eastep
c923dfdade Correct Port Knocking HOWTO for iptables 1.4.12
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-09 16:22:46 -07:00
Tom Eastep
58f9a66587 Add FAQ 96 re: DISABLE_IPV6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-08-02 07:33:01 -07:00
Tom Eastep
db8092d71e Update VPN Basics Doc 2011-07-30 09:16:26 -07:00
Tom Eastep
9e6fd39145 Corrections to OPENVPN doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-30 06:57:55 -07:00
Tom Eastep
15a88f962f Add a FAQ regarding $FW
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-14 07:48:51 -07:00
Tom Eastep
0ab7e06f84 Document renaming of scripts in the Build document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 15:15:06 -07:00
Tom Eastep
92e244f1b8 Mention reversed interfaces in FAQ 1b.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 09:32:38 -07:00
Tom Eastep
290e5d3cfd Add the release repository to the Build document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 16:03:10 -07:00
Tom Eastep
7cb3392e3d Expand explaination of rate limiting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 09:53:56 -07:00
Tom Eastep
aa31e52b96 Show alternative message for partial PORT or PASV reply
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-07 06:43:07 -07:00
Tom Eastep
d31e2d67ba DEFAULTS directive enforces max number of parameters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 07:22:29 -07:00
Tom Eastep
ef848a559c Correct TPROXY documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-30 06:36:48 -07:00
Tom Eastep
bd2cbfc5e2 Correct typo in the Manual Chains HOWTO
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-28 07:45:49 -07:00
Tom Eastep
67b8a10879 Correct parameterized default action in the FAQ 2011-06-25 10:26:45 -07:00
Tom Eastep
6cc2503f60 More FAQ updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 08:23:32 -07:00
Tom Eastep
961b9b5e6d More FAQ cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 07:44:13 -07:00
Tom Eastep
8b61e4500a Documentation Updates (mostly FAQ)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 13:40:50 -07:00
Tom Eastep
6da5380230 Update troubleshooting doc for -T option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 11:48:14 -07:00
Tom Eastep
0d2e2a14d3 Document additional parameters to standard default actions and DEFAULT in macro files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 08:05:13 -07:00
Tom Eastep
44599530ea Remove warnings about duplicate zone/interface dynamic hosts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 18:27:18 -07:00
Tom Eastep
c112f2381e Document IPv6 Dynamic Zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 10:59:14 -07:00
Tom Eastep
f7322a674d Update ipset doc with Shorewall6 and Shorewall-init info.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 15:00:48 -07:00
Tom Eastep
a4b77d7267 Update compiler.pl documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 07:56:03 -07:00
Tom Eastep
6f3497e353 Update Audit.xml with parameterized standard action info
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-19 06:50:18 -07:00
Tom Eastep
b7a3142620 Document parameterized default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 15:25:48 -07:00
Tom Eastep
0cb98737f7 Document DEFAULTS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-11 07:29:25 -07:00
Tom Eastep
642319d706 Change annotated documentation default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 15:40:21 -07:00
Tom Eastep
c42c6864b4 Don't modify the .conf file installed in configfiles.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-06 09:46:22 -07:00
Tom Eastep
4436d479b4 Extend FAQ 4 2011-06-05 17:58:20 -07:00
Tom Eastep
b20156de9e Add note about 'burst' to the complex TC doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-05 06:33:33 -07:00
Tom Eastep
818b927b73 Make Kernel Config article unmaintained 2011-06-04 06:31:25 -07:00
Tom Eastep
eba1473600 Change heading in the Documentation Index
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-03 07:39:08 -07:00
Tom Eastep
c3600eb814 Document -p and PLAIN
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-02 06:43:23 -07:00
Tom Eastep
0287d96aa2 Finish filtering implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-26 13:38:44 -07:00
Tom Eastep
704f3fdd55 Document audited default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-24 07:24:15 -07:00
Tom Eastep
5d04c93a16 Implement LEGACY_FASTSTART option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 15:36:29 -07:00
Tom Eastep
e511c5a8d5 Corrections to Audit documents 2011-05-22 10:25:43 -07:00
Tom Eastep
a8fd3281d9 Add CONFIG_PATH section
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 08:59:05 -07:00
Tom Eastep
57d276f0b3 Add default action example 2011-05-22 08:02:23 -07:00
Tom Eastep
b844fc3107 Correct typo in Audit doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-22 06:10:58 -07:00
Tom Eastep
ad050763cc Documentation update 2 for AUDIT support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-21 17:22:19 -07:00
Tom Eastep
e940f5018e Implement whitelisting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-18 08:30:01 -07:00
Tom Eastep
8ec33cd6dd Update accounting documentation 2011-05-17 18:35:28 -07:00
Tom Eastep
fd70e73d34 Add ACCOUNTING_TABLE option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-17 12:51:33 -07:00
Tom Eastep
43a21e122a Update Install doc with absolute path name info
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-05-14 07:20:38 -07:00
Tom Eastep
02baf94246 Fix typo in starting/stopping doc 2011-05-08 05:44:24 -07:00
Tom Eastep
68fe7c733e Correct ipset allowed characters 2011-04-11 10:02:18 -07:00
Tom Eastep
c902045348 Document method of turning off TSO/GSO 2011-04-11 09:49:48 -07:00
Tom Eastep
5734c84499 Documentation updates 2011-04-11 09:37:50 -07:00
Tom Eastep
f2d5e79684 Add link to 2011 Linuxfest Doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-04-10 15:25:52 -07:00
Tom Eastep
6e7a7b7f39 Clarify what Shorewall UPnP does and does not do 2011-04-10 10:29:10 -07:00
Tom Eastep
81437b2bb1 Don't mention downloads in the complex TC doc 2011-04-04 19:01:06 -07:00
Tom Eastep
6b93ff3a91 Clarify Debian file location 2011-04-03 19:32:39 -07:00
Tom Eastep
a47357a6e8 Re-add LXC doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-04-03 10:27:52 -07:00
Tom Eastep
cc633c5bd9 Shorewall 4.4.19 Changes 2011-04-03 09:56:30 -07:00
Tom Eastep
d7fb4e8ed9 More corrections to Tuomo's Example 2011-03-02 07:13:14 -08:00
Tom Eastep
e2c8d7b3e1 Correct Tuomo's workaround description 2011-03-01 14:04:06 -08:00
Tom Eastep
b7b1d5a7ab Link Proxy NDP section to the Vserver example of same 2011-02-28 13:40:20 -08:00
Tom Eastep
323fef9b51 Add additional info to the Vserver NDP section 2011-02-28 13:38:03 -08:00
Tom Eastep
cb94ca821e Correct typo 2011-02-28 13:08:28 -08:00
Tom Eastep
e9a3dc85fc Add proxy NDP example to the Vserver article 2011-02-28 13:05:04 -08:00
Tom Eastep
ac45a9b392 Fix typo in the Lenny->Squeeze doc 2011-02-19 09:28:09 -08:00
Tom Eastep
e47cb61c33 Introduce 'accountfwd' chain for forwarded accounting in sectioned configuration 2011-02-18 15:44:55 -08:00
Tom Eastep
da1ae7d301 Add bleve's tip to the MultiISP doc 2011-02-18 09:02:56 -08:00
Tom Eastep
e5fb8b0a35 Add Simple TC warning to the Lenny->Squeeze article 2011-02-12 20:02:54 -08:00
Tom Eastep
5c0b592934 Section the accounting file 2011-02-12 12:47:15 -08:00
Tom Eastep
27add33ff3 Add 'show ipa' to Accounting doc 2011-02-10 13:54:51 -08:00
Tom Eastep
f5a39a4aa8 Updates for new release model 2011-02-07 16:32:51 -08:00
Tom Eastep
b4b59119ef Don't allow non-accounting chain in the CHAIN accounting column 2011-02-07 16:32:38 -08:00
Tom Eastep
2c2fdab0fe Rename USE_LOCAL_MODULES to EXPORTMODULES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-02-06 08:42:35 -08:00
Tom Eastep
98e3827246 Remove rant in getting started doc 2011-02-04 06:45:53 -08:00
Tom Eastep
ea2c72d1b1 Prepare for 4.4.17 2011-02-04 06:44:02 -08:00
Tom Eastep
b61ad28897 Add threat to GettingStarted doc 2011-02-03 20:38:41 -08:00
Tom Eastep
ac13be4ed4 Add rate-limiting example to rules manpages 2011-02-03 13:26:41 -08:00
Tom Eastep
ae4d675d0d Document chain name length restriction 2011-01-31 07:07:10 -08:00
Tom Eastep
a9f5721851 Add OpenSuSE 11.3 to distros tested with per-IP accounting 2011-01-31 06:55:59 -08:00
Tom Eastep
a026ffabe1 Add iptaccount -l example with output 2011-01-30 14:04:26 -08:00
Tom Eastep
2cf3d15d45 Mention the iptaccount --help command 2011-01-30 10:46:35 -08:00
Tom Eastep
303afe8c7e Some accounting fixes (code and docs) 2011-01-30 09:39:14 -08:00
Tom Eastep
26cea4336e Document per-IP accounting 2011-01-30 08:33:06 -08:00
Tom Eastep
156b04c380 Implement Run-time Address Variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-01-26 09:08:48 -08:00
Tom Eastep
4098535a43 Revise info about mis-using Vserver zones 2011-01-23 12:47:13 -08:00
Tom Eastep
d5b0a39b45 Add some info about mis-using Vserver zones 2011-01-23 09:45:06 -08:00
Tom Eastep
a7dd95d394 Add some info about mis-using Vserver zones 2011-01-23 09:43:35 -08:00
Tom Eastep
228eeabb7d More explainations in the Simple TC doc 2011-01-23 08:36:45 -08:00
Tom Eastep
7b73323301 Add more introductory material to the Simple TC document 2011-01-23 07:53:56 -08:00
Tom Eastep
a2b440b093 Add USE_LOCAL_MODULES option 2011-01-22 08:13:17 -08:00
Tom Eastep
985fd990c6 Update Shorewall-4 with info about shorewall-init 2011-01-22 07:30:40 -08:00
Tom Eastep
d0858f6034 Add module-loading section to Shorewall-lite doc 2011-01-21 15:49:28 -08:00
Tom Eastep
3a2da73808 Document INCLUDE changes in the basics doc 2011-01-15 15:56:20 -08:00
Tom Eastep
265ca85d02 Allow INCLUDE in extension scripts 2011-01-15 15:43:45 -08:00
Tom Eastep
4a69ad35ee Resolve conflicts -- take 2 2011-01-13 19:24:15 -08:00
Tom Eastep
edde07fd85 Resolve conflects 2011-01-13 19:01:44 -08:00
Tom Eastep
fce558d97e Correct 'shorewall-common' references in the quickstart guides 2011-01-13 18:53:03 -08:00
Roberto C. Sanchez
28682a2428 eliminate obsolete references to shorewall-common 2011-01-13 20:02:19 -05:00
Tom Eastep
08f09d7de0 Deprecate EXPORTPARAMS 2011-01-09 10:12:36 -08:00
Tom Eastep
97672455b2 Correct typo in the FAQ 2011-01-09 09:18:21 -08:00
Tom Eastep
3c4336da58 Enhance DNAT documentation again 2011-01-07 10:27:35 -08:00
Tom Eastep
a8084370b6 Correct bridge example in the OPENVPN doc 2011-01-05 06:57:42 -08:00
Tom Eastep
6a7dad5e18 Merge branch 'master' into 4.4.16
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-27 12:32:28 -08:00
Tom Eastep
79cbfd0126 Allow '--' to specify '-' as an action parameter 2010-12-26 17:03:05 -08:00
Tom Eastep
4111432a52 Implement optional action parameters 2010-12-26 16:13:53 -08:00
Tom Eastep
31bd00e42e Document parameterized actions 2010-12-26 08:59:31 -08:00
Tom Eastep
29da130eef Add a note about the SOURCE and DEST columns 2010-12-24 14:03:55 -08:00
Tom Eastep
a51eac91b0 Add documentation for parameterized actions 2010-12-22 15:09:54 -08:00
Tom Eastep
880a94e42f Update documentation regarding Hack removal 2010-12-14 11:19:17 -08:00
Tom Eastep
aba63d5c9b More action/macro documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-13 09:06:29 -08:00
Tom Eastep
e8b26236e2 Shuffle the Compiled Program article 2010-12-12 19:00:15 -08:00
Tom Eastep
b786da4abb Document lack of configfiles/ in Debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-12-12 08:45:54 -08:00
Tom Eastep
48b00d719e Complete Proxy NDP implementation 2010-12-11 10:04:07 -08:00
Tom Eastep
2f70c0b71a Add Optional/Required interface section to the config basics doc 2010-12-09 10:04:52 -08:00
Tom Eastep
627733d925 Mention DHCPfwd in the DHCP doc - TAKE 2 2010-12-01 11:39:48 -08:00
Tom Eastep
b573826226 Mention DHCPfwd in the DHCP doc 2010-12-01 11:37:40 -08:00
Tom Eastep
c0ba395276 Update IPSEC title
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-11-28 10:00:31 -08:00
Tom Eastep
095345f95c Mention 'weak host model' in the Fool's firewall article 2010-11-27 11:14:51 -08:00
Tom Eastep
681529b664 Clarify 'switch' in the Fool's firewall article 2010-11-27 11:01:20 -08:00
Tom Eastep
2702d7f208 Implement header matching 2010-11-24 10:46:06 -08:00
Tom Eastep
972d00c300 Add another SNAT virtual alias example 2010-11-22 12:04:20 -08:00
Tom Eastep
93f9e8914c Add another SNAT virtual alias example 2010-11-22 11:59:59 -08:00
Tom Eastep
9b31906c6c Update bogus link in the features page 2010-11-21 21:40:56 -08:00