extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-24 00:23:28 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,155 Commits 104 Branches 736 Tags 55 MiB
9b127e6e06
Commit Graph

2404 Commits

Author SHA1 Message Date
Tom Eastep
70f46c02cc Fix logging NAT rules 2009-08-05 12:48:14 -07:00
Tom Eastep
9ce5887269 Restore LAST LINE to those files that are processed by the shell 2009-08-05 07:59:32 -07:00
Tom Eastep
e91d3dd905 More LAST LINE deletions 2009-08-05 07:38:02 -07:00
Tom Eastep
02b950dc9e Update the Notices page to reflect an earlier release date for 4.4 2009-08-03 14:49:51 -07:00
Tom Eastep
999a00dc77 Remove need for '-v-1' when compiling to stdout 2009-08-03 11:20:34 -07:00
Tom Eastep
3efaef813f Update version to 4.4.0 2009-08-03 10:16:37 -07:00
Tom Eastep
bdb69876ee Add migration issue for nested zones 2009-07-29 16:55:05 -07:00
Tom Eastep
489e09a4d7 Propagate super option to parents 2009-07-29 15:33:47 -07:00
Tom Eastep
4af6c7650e Correct handling of nested IPSEC zone 2009-07-29 14:35:27 -07:00
Tom Eastep
8d8920e7ad Disallow ipsec zones nested within an ip zone 2009-07-29 07:49:06 -07:00
Tom Eastep
19736bcdbd Update version to RC2 2009-07-28 13:45:26 -07:00
Tom Eastep
f2f8cab962 Make 'any' a reserved zone name 2009-07-26 12:29:37 -07:00
Tom Eastep
26cb2b1eeb Allow Shorewall6 to recognize TC, IP and IPSET 2009-07-26 12:26:49 -07:00
Tom Eastep
2d45a35c8f Make PREFIX work under Cygwin - Take 2 2009-07-25 07:44:53 -07:00
Tom Eastep
eed9df1c06 Make PREFIX work under Cygwin 2009-07-25 07:30:08 -07:00
Tom Eastep
c028fefa30 Fix 'disable_ipv6 -- take 2 2009-07-24 17:27:42 -07:00
Tom Eastep
fde24c16df Fix 'disable_ipv6 2009-07-24 16:58:49 -07:00
Tom Eastep
c77f462d2d Delete prog.functions and prog.functions6 2009-07-24 14:51:24 -07:00
Tom Eastep
45fffc7261 Replace 'edit' by 'validate' in compiler parameter handling logic 2009-07-22 10:43:53 -07:00
Tom Eastep
264126e9f5 Fix syntax error in last change 2009-07-22 10:43:15 -07:00
Tom Eastep
7f790e3aa2 Don't call generate_matrix() during 'check' 2009-07-21 14:13:26 -07:00
Tom Eastep
4fd338f3ca Fix 'rpm -U' from earlier versions 2009-07-21 12:32:25 -07:00
Tom Eastep
902d6e0d45 A couple of cosmetic fixes 2009-07-21 06:57:11 -07:00
Tom Eastep
2146a356a6 Fix .spec to re-add the init symlinks during an upgrade 2009-07-21 06:53:00 -07:00
Tom Eastep
0204ea46a6 Ensure that move_rules doesn't crash in NONAT case 2009-07-16 15:59:59 -07:00
Tom Eastep
55045ace4b Optimize nonat rules in certain cases 2009-07-16 11:05:37 -07:00
Tom Eastep
f16b2300b6 Remove references to Shorewall-shell, Shorewall-perl and prior Shorewall versions from the manpages 2009-07-15 17:50:55 -07:00
Tom Eastep
9c2966448e Fix NONAT of sub-zone 2009-07-15 15:59:53 -07:00
Tom Eastep
8e9bef0a61 Fix routing with no providers 2009-07-15 13:03:49 -07:00
Tom Eastep
3bd9d31c05 Correct NOROUTE logic when no providers 2009-07-15 12:32:26 -07:00
Tom Eastep
17f61ad1c6 Optimize creation of /etc/iproute2/rt_tables 2009-07-15 12:22:31 -07:00
Tom Eastep
8f57a5d7a2 Some minor tweaks to the Providers module 2009-07-14 16:12:59 -07:00
Tom Eastep
d64b526319 Come cleanup of the Chains module 2009-07-13 16:54:39 -07:00
Tom Eastep
887a643f9e Initiate RC1 2009-07-12 10:06:57 -07:00
Tom Eastep
75861185e0 Minor typo/cosmetic corrections 2009-07-12 09:26:25 -07:00
Tom Eastep
4d09aa0ff4 Remove duplicate macro GIT and update OpenVZ Doc 2009-07-10 11:31:33 -07:00
Tom Eastep
5bd3d710b7 Push version to Beta 4 2009-07-09 16:41:10 -07:00
Tom Eastep
bdd124b504 Derive IP6TABLES from IPTABLES 2009-07-09 10:29:56 -07:00
Tom Eastep
2142e92f8a Remove add_command and replace all calls with calls to add_commands 2009-07-06 18:38:39 -07:00
Tom Eastep
0bb1fbd9c4 Make DISABLE_IPV6=No the default for released shorewall.conf files 2009-07-06 18:38:10 -07:00
Tom Eastep
f88048ebe4 More revert conflicts 2009-07-06 18:23:23 -07:00
Tom Eastep
bab4f9df33 Resolve revert conflicts 2009-07-06 18:08:17 -07:00
Tom Eastep
16006e0425 Ensure that PATH is exported 2009-07-01 14:02:00 -07:00
Tom Eastep
81188bce1c Update release notes 2009-06-30 09:01:05 -07:00
Tom Eastep
4a98936290 Update home page for Beta 3 2009-06-30 07:06:47 -07:00
Tom Eastep
bc85b615ba More new macros 2009-06-29 21:05:23 -07:00
Tom Eastep
0afd7f3a6f More new macros 2009-06-29 21:00:34 -07:00
Tom Eastep
26aa8ba504 Delete DISABLE_IPV6 option 2009-06-29 18:33:44 -07:00
Tom Eastep
050375b211 Delete DISABLE_IPV6 option 2009-06-29 18:33:13 -07:00
Tom Eastep
9dbafc59d0 Fix 'findgw' 2009-06-29 08:14:53 -07:00
Tom Eastep
d32d677028 Add macro.OSPF 2009-06-28 06:18:43 -07:00
Tom Eastep
bc89604ba2 Add macro.OSPF 2009-06-28 06:17:48 -07:00
Tom Eastep
0b08186056 Fix a typo in the release notes 2009-06-27 13:46:50 -07:00
Tom Eastep
f264510729 Minor corrections to release notes 2009-06-27 10:27:30 -07:00
Tom Eastep
25c2403f48 Update version to Beta 3 2009-06-27 08:26:41 -07:00
Tom Eastep
b2b6633ced More on port list split/validation 2009-06-26 15:05:35 -07:00
Tom Eastep
cb681ab5ca Fix for source port counting 2009-06-26 10:31:43 -07:00
Tom Eastep
900cfa0def 1) Cosmetic change to compiler.pl 
2) Make 'purge_jump' handle '-g <target>' correctly
3) Minor effeciency changes to Chains.pm
 2009-06-26 09:46:15 -07:00
Tom Eastep
40bb8283d2 Verify the availability of the LOG target 2009-06-25 13:50:27 -07:00
Tom Eastep
ca15ead9ab Remove '#LAST LINE' from config files 2009-06-25 06:24:49 -07:00
Tom Eastep
2f01fc9a3e Fix 'show dynamic' -- take 2 2009-06-24 15:41:15 -07:00
Tom Eastep
f4338b52fe Fix 'show dynamic' 2009-06-24 15:28:43 -07:00
Tom Eastep
6eb202666c Fix for mis-configured interfaces 2009-06-24 08:58:37 -07:00
Tom Eastep
c85eacb863 Add new macros 2009-06-23 14:47:49 -07:00
Cristian Rodríguez
1967f9cbb4 Merge branch 'master' of ssh://judas_iscariote@shorewall.git.sourceforge.net/gitroot/shorewall 2009-06-21 18:58:27 -04:00
Tom Eastep
bd55a545b5 Rename lib.user to lib.private 2009-06-20 09:35:08 -07:00
Tom Eastep
f991e28308 Remove Shorewall-shell syntax from the tos manpage 2009-06-19 15:06:56 -07:00
Tom Eastep
01d046fac9 Add lib.user extension script 2009-06-19 14:39:45 -07:00
Tom Eastep
117116eb4e Add USER/GROUP column to /etc/shorewall/masq 2009-06-19 08:00:26 -07:00
Tom Eastep
dcb4ca61a5 Add iptrace/noiptrace commands 2009-06-17 12:03:05 -07:00
Cristian Rodríguez
9e246996ad Merge branch 'master' of ssh://judas_iscariote@shorewall.git.sourceforge.net/gitroot/shorewall 2009-06-17 12:39:38 -04:00
Tom Eastep
927aa5f0e8 Additional fix up of optional interface handling. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2009-06-17 09:39:35 -07:00
Tom Eastep
b99444ab8b Make new optional interface code work with shared providers 2009-06-17 07:30:01 -07:00
Cristian Rodríguez
b714605663 Add new GIT macro 2009-06-16 22:12:56 -04:00
Tom Eastep
3483e8052a Small optimization in lookup_provider() 2009-06-16 15:52:38 -07:00
Tom Eastep
64fd1167d1 replace a couple of instances of 'which' with 'mywhich'; relocate some global variable code 2009-06-16 15:39:04 -07:00
Tom Eastep
c00195e62a Replace '_IS_UP' with '_IS_USABLE' 2009-06-16 14:25:13 -07:00
Tom Eastep
2a7491ebf2 More work on optional interfaces 2009-06-16 14:03:15 -07:00
Tom Eastep
1e98ec52a0 Fix typo in release notes 2009-06-16 12:36:32 -07:00
Tom Eastep
6064d9e681 Document that 'continue' is no longer released 2009-06-16 09:51:32 -07:00
Tom Eastep
58b2488459 Clean up 'upnpclient' implementation 2009-06-16 09:43:22 -07:00
Tom Eastep
abe07c9fae Add 'upnpclient' interface option 2009-06-15 13:34:35 -07:00
Tom Eastep
b6410902a0 Relocate code that sets provider variables 2009-06-15 12:25:20 -07:00
Tom Eastep
8eb6ab7cc9 Set optional interface variables when there are no providers 2009-06-15 12:07:18 -07:00
Tom Eastep
c96db9a01c Set optional provider variables when NOROUTE is true 2009-06-15 11:35:46 -07:00
Tom Eastep
440cc08802 Fix ORIGINAL DEST issue 2009-06-15 08:45:34 -07:00
Tom Eastep
f723bc2ef1 Restore find_interface_by_mac() 2009-06-15 07:33:41 -07:00
Tom Eastep
894d4e5aa5 Update version to Beta2 2009-06-15 06:50:21 -07:00
Tom Eastep
4f675e2e18 Update release documents 2009-06-15 06:49:57 -07:00
Tom Eastep
48452fcc23 Delete 'continue' file 2009-06-15 05:51:21 -07:00
Tom Eastep
d0230e205d Remove '-h' from install.sh help text 2009-06-15 05:50:23 -07:00
Tom Eastep
a6d2497653 Integerize r2q before using it in a 'qdisc add' command 2009-06-14 14:29:12 -07:00
Tom Eastep
f02cddd780 Restore find_first_interface_address and find_first_interface_address_if_any 2009-06-14 13:40:27 -07:00
Tom Eastep
7440cd7d21 Correct 'help' in compiler.pl 2009-06-14 13:39:42 -07:00
Tom Eastep
e2ae6453ac Replace 'Shorewall-perl' with 'Shorewall' 2009-06-13 07:07:55 -07:00
Tom Eastep
265e4fa546 First cut at 4.4 2009-06-12 15:51:43 -07:00
Tom Eastep
1025ca6002 Refine ee0667c9da slightly 2009-06-12 07:34:31 -07:00
Tom Eastep
ee0667c9da Fix mnemonic handling in tcfilters 2009-06-12 07:27:08 -07:00
Tom Eastep
a1330cbfdf Purely cosmetic change in the Actions module 2009-06-10 14:31:22 -07:00
Tom Eastep
d079e69a1b Correct Typo in 2-interface IPv6 Sample shorewall6.conf 2009-06-09 07:59:23 -07:00
Tom Eastep
bcdcee42e2 Fix typo in release notes 2009-06-07 15:23:18 -07:00
Tom Eastep
91b0e5aaa1 Update version and release docs to start work on 4.3.13 2009-06-07 10:52:53 -07:00
Tom Eastep
bed38c72cf Fix syntax error in Debian init scripts 2009-06-07 08:36:37 -07:00
Tom Eastep
cb77458070 Allow INITLOG to be set in /etc/default/shorewall[6]; fix syntax error in Zones module 2009-06-07 08:07:56 -07:00
Tom Eastep
be8b352ee7 Cleanup of STDERR redirection; Update module versions 2009-06-05 15:12:59 -07:00
Tom Eastep
c7210be5f0 Update slackware fireall script to redirect STDERR 2009-06-05 14:37:26 -07:00
Tom Eastep
69c78676ad Redirect STDERR to log 2009-06-05 13:49:23 -07:00
Tom Eastep
a8dc934443 Revise init.devian.sh handling 2009-06-05 13:05:17 -07:00
Tom Eastep
9ee0d05507 Update version to 4.3.12 2009-06-05 11:53:01 -07:00
Tom Eastep
c370dc650c Remove support for 'norfc1918' and it's associated settings in shorewall.conf 2009-06-05 10:51:30 -07:00
Tom Eastep
ed5dc806cc Switch Debian installs to use STARTUP_LOG 2009-06-05 08:46:58 -07:00
Tom Eastep
7621859e0f Fix 'findgw' 2009-06-04 13:03:56 -07:00
Tom Eastep
910a91bf47 Add 'return 0' to start file 2009-06-04 10:37:26 -07:00
Tom Eastep
93b2227ce6 Add FAQ 36 re: BANDWIDTH_IN 2009-06-03 17:11:14 -07:00
Tom Eastep
7b20cf2af9 Fix 'shorewall reset' 2009-05-31 10:21:37 -07:00
Tom Eastep
7ecd3f0437 Correct previous commit 2009-05-29 07:21:51 -07:00
Tom Eastep
f2cb2cca9e Suppress duplicate progress messages 2009-05-29 07:03:24 -07:00
Tom Eastep
d33532d6cd Add TOS field to tcfilters 2009-05-28 16:41:14 -07:00
Tom Eastep
97fa7a0513 Add LENGTH column to tcfilters file 2009-05-28 14:29:33 -07:00
Tom Eastep
d35274d7d9 Minor cosmetic change to the source 2009-05-28 14:04:42 -07:00
Tom Eastep
7418e27308 Deimplement ipset binding support 2009-05-28 07:22:48 -07:00
Tom Eastep
d0d999488b Fix silly bug in capabilities detection 2009-05-28 06:42:47 -07:00
Tom Eastep
0bd3b0c0af Clarify requirement for RT parameters 2009-05-24 16:58:41 -07:00
Tom Eastep
a0071a21e8 Tweak and document HFSC implementation 2009-05-24 10:06:36 -07:00
Tom Eastep
d97a96b350 First implementation of HFSC queuing discipline 2009-05-23 17:07:57 -07:00
Tom Eastep
787caa7f32 First implementation of HFSC queuing discipline 2009-05-23 17:04:39 -07:00
Tom Eastep
4cf2c1b59f Avoid 'large quantum' warnings during start/restart 2009-05-23 09:04:06 -07:00
Tom Eastep
110b6a613d More code structure cleanup -- Providers. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2009-05-22 13:55:39 -07:00
Tom Eastep
d6c8cd5d3e Warn if 'proxyarp' specified on a non-loose provider 2009-05-21 09:39:43 -07:00
Tom Eastep
e82716baf4 shorewall.conf rationalization 2009-05-20 16:29:23 -07:00
Tom Eastep
bddf78ded5 Missing user exists from Shorewall6 2009-05-20 13:40:42 -07:00
Tom Eastep
142fab8d46 Some documentation updates 2009-05-20 07:54:17 -07:00
Tom Eastep
5236a793a9 Simplify shorewall.spec 2009-05-19 17:31:12 -07:00
Tom Eastep
ad6b47d3bf More code rationalization 2009-05-19 17:11:56 -07:00
Tom Eastep
2c25deeccf Add additional extension script files -- second phase 2009-05-19 17:11:31 -07:00
Tom Eastep
dba5f719c0 Add additional extension script files 2009-05-19 17:10:42 -07:00
Tom Eastep
20805a6e46 Add Traceroute Macro for IPv6 2009-05-15 17:22:33 -07:00
Tom Eastep
f75f4158b3 Add 'findgw' user exit 2009-05-11 14:35:20 -07:00
Tom Eastep
b9fb023208 Correct typo in comment 2009-05-11 07:04:08 -07:00
Tom Eastep
f9689d0b47 Merge branch 'master' of ssh://teastep@shorewall.git.sourceforge.net/gitroot/shorewall 2009-05-10 12:24:07 -07:00
Tom Eastep
3162eff925 Support version 3 of dhclient 2009-05-10 12:22:23 -07:00
Tom Eastep
e97f7a622c Update version to 4.3.11 2009-05-10 07:08:47 -07:00
Tom Eastep
b94d2e1d42 Revert "Update version to 4.3.11" 
This reverts commit b0b47e7f30.
 2009-05-10 07:06:47 -07:00
Tom Eastep
b0b47e7f30 Update version to 4.3.11 2009-05-10 07:04:18 -07:00
Tom Eastep
887fee7618 Merge branch 'master' of ssh://teastep@shorewall.git.sourceforge.net/gitroot/shorewall 
Conflicts:

	Shorewall/changelog.txt
	Shorewall/releasenotes.txt
 2009-05-09 10:03:33 -07:00
Tom Eastep
be9573d30f Fix 'start' with AUTOMAKE=Yes 2009-05-09 10:00:33 -07:00
Tom Eastep
e1771ebead Externalize the 'flow' classifier 2009-05-08 14:05:27 -07:00
Tom Eastep
8f1ea63711 Make traffic shaping work better with IPv6 2009-05-08 13:30:47 -07:00
Tom Eastep
0e94016462 Delete error message -- it's also occurring on 2.6.28 2009-05-08 13:19:48 -07:00
Tom Eastep
7766855e98 More comments about failing 'tc filter add' command 2009-05-08 08:12:54 -07:00
Tom Eastep
ff26ff4697 Fix 'iprange' command 2009-05-07 07:21:46 -07:00
Tom Eastep
d66fc7a7e1 Add warning when successful tc command returns non-zero exit status 2009-05-07 07:19:25 -07:00
Tom Eastep
c9538bbdee Minor code cleanup in Tc 2009-05-06 13:40:18 -07:00
Tom Eastep
71480f38e2 Complete prior commit. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2009-05-06 09:49:06 -07:00
Tom Eastep
202d5f800e 1) Avoid multiple pri 65535 fw filters 
2) Fix tcdevices > 9
3) Add some decimal/binary comments

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2009-05-06 09:47:13 -07:00
Tom Eastep
56016ca1bb Improve interface number assignment 2009-05-06 07:07:38 -07:00
Tom Eastep
83bef182b1 Update some module versions 2009-05-05 18:11:49 -07:00
Tom Eastep
2125f3140f Allow upper case A-F in Hex numbers 2009-05-05 16:23:37 -07:00
Tom Eastep
df42a82b01 Minor cosmetic improvements 2009-05-05 16:00:12 -07:00
Tom Eastep
404a7250b0 Some early code cleanup 2009-05-05 15:43:38 -07:00
Tom Eastep
11962560fe Start 4.3.11 release documentation 2009-05-05 14:21:34 -07:00
Tom Eastep
5758ba3f69 Fix SCTP source port filtering 2009-05-05 14:13:05 -07:00
Tom Eastep
94a7df0cd5 Pass many fewer arguments while processing providers file and route_rules file 2009-05-05 11:38:45 -07:00
Tom Eastep
1b380fbbab Pass many fewer arguments while processing masq rules 2009-05-05 11:31:47 -07:00
Tom Eastep
e68b571abe Pass many fewer arguments while processing accounting rules 2009-05-05 11:25:56 -07:00
Tom Eastep
293987a383 Pass many fewer arguments while processing traffic shaping files 2009-05-05 11:23:01 -07:00
Tom Eastep
a23fc3c46c Pass many fewer arguments while processing a record in /etc/shorewall/rules 2009-05-05 11:14:53 -07:00
Tom Eastep
c05071afc4 Another class number decimal/hex fix 2009-05-05 08:24:02 -07:00
Tom Eastep
624c24f2c0 Sequentially assign class numbers when WIDE_TC_MARKS=Yes 2009-05-05 07:50:46 -07:00
Tom Eastep
8f6130cca4 Update to nested classes; document nested classes in the release docs 2009-05-04 16:03:14 -07:00
Tom Eastep
03cd8350dc Initial implementation of nested classes 2009-05-04 14:19:09 -07:00
Tom Eastep
d3cd3ea26c Remove obsolete test 2009-05-04 13:25:21 -07:00
Tom Eastep
c7352303f4 Clean up documentation 2009-05-04 13:14:25 -07:00
Tom Eastep
5b6769a722 Fix release documents re IPMARK; correct encode/decode 2009-05-04 12:04:04 -07:00
Tom Eastep
2db6130c26 Disallow 'occurs' with 'classify'; allow '<devname>:<classnum>' in tcclasses 2009-05-04 09:48:22 -07:00
Tom Eastep
13d3f86e23 Correct clearing of marks in POSTROUTING so that IPMARK works in the FORWARD table 2009-05-04 08:54:20 -07:00
Tom Eastep
b02dc1692f Clean up latest occurs effort 2009-05-03 17:05:02 -07:00
Tom Eastep
f533468da0 Resolve merge conflicts 2009-05-03 09:56:13 -07:00
Tom Eastep
79adcb964f Cosmetic improvements in tcclasses processing 2009-05-03 09:03:00 -07:00
Tom Eastep
90b07d849d Fix compile for export 2009-05-03 09:01:33 -07:00
Tom Eastep
16826aeb31 Remove IPMARK support 2009-05-03 08:38:27 -07:00
Tom Eastep
626b60ff0e Add error check 2009-05-02 17:28:50 -07:00
Tom Eastep
5e4196dafb Fix occurs suffix handling 2009-05-02 16:19:50 -07:00
Tom Eastep
4a9a8534e3 Finish fast per-IP classifier 2009-05-02 16:01:48 -07:00
Tom Eastep
3e0a55f072 Fix 'all' in the SOURCE of DNAT- rules 2009-05-02 13:23:29 -07:00
Tom Eastep
2aecb9ac12 More tcfilter readability improvements 2009-05-02 10:47:23 -07:00
Tom Eastep
8216a4e721 Simplify tcfilter generation -- take 2 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2009-05-02 09:46:54 -07:00
Tom Eastep
ababc533f1 Revert "Vastly simplify generation of tc filters" 
This reverts commit 22da513b3a.
 2009-05-02 09:33:21 -07:00
Tom Eastep
22da513b3a Vastly simplify generation of tc filters 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2009-05-02 09:25:27 -07:00
Tom Eastep
992b0bf00f Correct minor class construction description 2009-05-02 07:03:25 -07:00
Tom Eastep
c937d3b1c0 More documentation about compiling to STDOUT 2009-05-01 11:38:52 -07:00
Tom Eastep
24e49e682b Offer advice about how to avoid new masq SOURCE warning 2009-05-01 07:15:16 -07:00
Tom Eastep
f693224d93 Update release notes 2009-04-30 09:27:34 -07:00
Tom Eastep
c1cf1695c0 Deprecate interface names in the SOURCE column of /etc/shorewall/masq 2009-04-29 15:13:22 -07:00
Tom Eastep
2c09282ca3 Merge branch 'master' of ssh://teastep@shorewall.git.sourceforge.net/gitroot/shorewall 2009-04-27 20:38:36 -07:00
Tom Eastep
7cf5c32358 Treat Class IDs as hex rather than as decimal numbers 2009-04-23 12:43:57 -07:00
Tom Eastep
7cd9a2a983 Replace 'pref' by 'prio' in 'tc xxx add' commands 2009-04-21 16:44:41 -07:00
Tom Eastep
05d1d2ab68 Minor wording change to release notes 2009-04-21 14:08:15 -07:00
Tom Eastep
b6090948dd Allow compile to STDOUT 2009-04-21 09:41:23 -07:00
Tom Eastep
e465fea86a Better fix for '-0x...' handling 2009-04-21 07:08:47 -07:00
Tom Eastep
846af27ebf Fix Steven's other nit regarding -0x... 2009-04-20 20:39:38 -07:00
Tom Eastep
82bf6eb3f5 Revise WIDE_TC_MARKS classid generation 2009-04-20 17:54:33 -07:00
Tom Eastep
dcee6562a2 Fix another bug reported by Steven Springl 2009-04-20 16:35:48 -07:00
Tom Eastep
34791612b5 Implement WIDE_TC_MARKS. Fix problems reported by Steven Springl. 2009-04-20 13:26:47 -07:00
Tom Eastep
58fa0fe114 Clean up of shared optional provider fix 2009-04-20 10:28:18 -07:00
Tom Eastep
ec04636c86 Correct handling of optional shared providers 2009-04-20 08:30:15 -07:00
Tom Eastep
aa4afa6b66 Prepare 4.3.10 2009-04-19 17:37:36 -07:00
teastep
a5c25bea19 More documentation 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9941 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-19 20:41:46 +00:00
teastep
e076cf00f9 Add 'encode' and 'decode' commands 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9940 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-19 19:58:04 +00:00
teastep
8d450e673c Change classid generation algorithm 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9939 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-19 19:56:04 +00:00
teastep
e934ce9d85 Document IPMARK support in release documents 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9938 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-19 17:25:14 +00:00
teastep
0bb8fffcd9 Add support for IPMARK -- Phase II 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9937 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-19 16:47:40 +00:00
teastep
32a1ac87f5 Add IPMARK target support -- first phase 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9936 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-19 15:46:57 +00:00
teastep
3cb7186e90 Modify regression test to ensure that modification timestamp of the output file changes 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9935 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-19 14:19:40 +00:00
teastep
322a5de871 Recommit lost commit 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9934 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-18 18:48:28 +00:00
teastep
834064f3af Cosmetic improvement to generated script 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9933 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-18 16:32:45 +00:00
teastep
985c551d26 Add IP, TC and IPSET configuration options 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9932 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-18 16:28:25 +00:00
teastep
b8988a2171 Handle empty setup_common() 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9930 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-18 16:20:06 +00:00
teastep
be41b99ae8 Allow Shorewall6 on kernel 4.2.24 
Signed-off-by: Tom Eastep <teastep@shorewall.net>


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9929 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-18 16:19:31 +00:00
teastep
47387d085d Another go-around with the macro.template file 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9927 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-18 16:18:40 +00:00
teastep
032f8dc004 Add 'FORMAT 2' to the macro template file 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9925 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-18 16:17:42 +00:00
teastep
0cc60ea021 Avoid 'Invalid BROADCAST address' errors 
Signed-off-by: Tom Eastep <teastep@shorewall.net>


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9919 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-17 22:57:59 +00:00
teastep
fd7108784f Allow Shorewall6 on kernel 4.2.24 
Signed-off-by: Tom Eastep <teastep@shorewall.net>


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9908 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-17 16:04:54 +00:00
teastep
058e03e791 Another go-around with the macro.template file 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9905 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-17 16:04:04 +00:00
teastep
5d5b73dafc Add 'FORMAT 2' to the macro template file 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9902 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-17 16:03:16 +00:00
teastep
ade958dd51 Add undocumented LOGMARK log level 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9851 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-12 15:22:19 +00:00
teastep
347090da6e Correct netmask generation in tcfilters 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9850 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-12 15:22:00 +00:00
teastep
97e61965c0 Fix another inversion case 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9846 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-11 21:48:34 +00:00
teastep
de037034a5 Bump version to 4.3.9 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9845 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-11 15:31:25 +00:00
teastep
9bfc7b6d99 Tiny optimization. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9844 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-11 15:28:50 +00:00
teastep
c39fcc4db7 Optimization of log rule code 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9843 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-10 20:36:22 +00:00
teastep
b734d3af31 Fix subtle bug introduced in last commit 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9842 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-10 20:36:09 +00:00
teastep
20cfd0033c Fix a 4.3 bug in expand_rule(). 
Don't repeat matches on target rule when log chain is used.

Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9841 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-10 19:47:39 +00:00
teastep
28e84a6aba Break up long port lists in jump to logging chain 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9840 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-10 16:31:04 +00:00
teastep
e0040f4011 Small optimizations in expand_rule() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9837 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-10 16:16:25 +00:00
teastep
ff014f328b Correct usage text 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9836 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-10 16:15:36 +00:00
teastep
8278203e03 Remove one argument from expand_rule() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9835 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-09 22:21:48 +00:00
teastep
f20013898e Don't use -g when the target might not be terminating 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9834 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-09 20:18:11 +00:00
teastep
ae169f00a7 Implement rules that also log as a separate chain. Preserve original target in logging rules 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9833 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-09 18:45:21 +00:00
teastep
7d2b410904 Correct rule generation when an interface is specified as the destination of a PREROUTING rule. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9831 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-08 03:37:15 +00:00
teastep
28b6fd8033 Simplify hashlimit match code 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9830 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-07 18:15:51 +00:00
teastep
36e0c85f5f Require the Hashlimit Match capability for per-IP rate limiting 
Use the current key words in the generated hashlimit match

Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9828 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-07 17:36:23 +00:00
teastep
cd1f5d3c83 Document the hashlimit feature 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9827 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-07 17:35:06 +00:00
teastep
c545e65cea First part of 'hashlimit' implemenation 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9826 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-07 03:23:01 +00:00
teastep
b1e9453c62 The other half of the re-implementation of 'enable/disable_object' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9825 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-07 03:22:49 +00:00
teastep
0744df13d6 Reimplement object_enable/disable 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9824 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-07 03:22:30 +00:00
teastep
b6053d8577 Fix second bug regarding ADD_IP_ALIASES=Yes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9823 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-07 03:22:16 +00:00
teastep
eb533d8b00 Make SHOREWALL_COMPILER=perl explicit in shorewall.conf 
Send SHOREWALL_COMPILER errors to STDERR

Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9822 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-07 03:22:02 +00:00
teastep
4b419186bc Add note about documentation to release highlights 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9805 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-04 17:22:17 +00:00
teastep
52b0b4e602 More removal of SAVE_IPSETS=Yes logic 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9804 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
 2009-04-04 17:22:06 +00:00