Tom Eastep
|
2bebf1c95a
|
Make '&' and '|' work with CONNMARK
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-18 11:30:52 -07:00 |
|
Tom Eastep
|
18573037f9
|
More 'check -r' fixes around Docker
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-18 11:09:39 -07:00 |
|
Tom Eastep
|
818628138b
|
Add MARK and CONNMARK to the %targets table
- Also, sort the table entries
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-18 10:21:35 -07:00 |
|
Tom Eastep
|
2adec0eb65
|
Implement a filename cache for find_file()
- Don't need to search the CONFIG_PATH for re-open of same file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-18 09:45:41 -07:00 |
|
Tom Eastep
|
6ae94767b7
|
Correct a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-18 08:31:52 -07:00 |
|
Tom Eastep
|
9f26c010ac
|
Remove embedded Perl from allowInvalid and dropInvalid
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-17 08:59:29 -07:00 |
|
Tom Eastep
|
9ab2310dc8
|
Correct an incorrect comment in process_rules()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-17 08:47:33 -07:00 |
|
Tom Eastep
|
0b5d59870b
|
Remove embedded Perl from Shorewall6 Drop and Reject actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-16 15:07:59 -07:00 |
|
Tom Eastep
|
c9c5f0174c
|
Remove trailing blank lines from action.TCPFlags
|
2016-03-16 14:54:05 -07:00 |
|
Tom Eastep
|
5fc391cb58
|
Document passed() in the config basics document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-15 15:19:21 -07:00 |
|
Tom Eastep
|
da0653cb2f
|
Declare passed() in Shorewall::User rather than importing it from Config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-15 14:16:15 -07:00 |
|
Tom Eastep
|
65ce6ed226
|
Update modules to use passed() for parameter testing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-15 12:06:32 -07:00 |
|
Tom Eastep
|
eb9dd3e485
|
Implement passed() in Config.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-15 12:00:56 -07:00 |
|
Tom Eastep
|
796f191d48
|
Don't re-stat action files in process_action()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-15 09:03:36 -07:00 |
|
Tom Eastep
|
71c26beab4
|
Remove dead code (caused by bad test)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 17:56:34 -07:00 |
|
Tom Eastep
|
6f04902963
|
Make use of 'state=' in actions a fatal error
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 17:55:54 -07:00 |
|
Tom Eastep
|
bd2295c4c3
|
Avoid embedded Perl in the Broadcast action when ADDRTYPE is available
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 15:57:32 -07:00 |
|
Tom Eastep
|
901c6d34f6
|
Correct typo in Rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 15:56:57 -07:00 |
|
Tom Eastep
|
741da14789
|
Ignore 'state' in the actions file with a warning
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 15:46:29 -07:00 |
|
Tom Eastep
|
34c3828b7c
|
Fix action.Related
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 15:44:16 -07:00 |
|
Tom Eastep
|
eed7692952
|
Document the state action option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 15:15:32 -07:00 |
|
Tom Eastep
|
3c544b20e6
|
Convert the state actions to use the 'state' action option
- Also avoid the CLI having to know about builtin actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 14:54:09 -07:00 |
|
Tom Eastep
|
dd547c90a8
|
Implement the 'state' action option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 14:30:36 -07:00 |
|
Tom Eastep
|
35fac8c2ea
|
Avoid repeated %actions lookup in process_action()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 12:37:45 -07:00 |
|
Tom Eastep
|
513b828788
|
Pass '$prerule' to process_inline()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 10:56:07 -07:00 |
|
Tom Eastep
|
28e0cb5335
|
Use filename stored in the actions table
- Avoid a find_file call on each action invocation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 10:55:39 -07:00 |
|
Tom Eastep
|
c631173310
|
Eliminate the %inlines table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-14 10:47:18 -07:00 |
|
Tom Eastep
|
95da427ea8
|
Update manpages for 'audit' actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 15:53:31 -07:00 |
|
Tom Eastep
|
2c14b7c9e3
|
Rename %actparms to %actparams
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 15:36:38 -07:00 |
|
Tom Eastep
|
8e7af2e95e
|
Additional editing of audit action parameters.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 15:28:49 -07:00 |
|
Tom Eastep
|
6be4fd377f
|
Make RST and NotSyn 'audit' actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 14:40:12 -07:00 |
|
Tom Eastep
|
44c0bffcd3
|
Add 'audit' option to actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 14:39:46 -07:00 |
|
Tom Eastep
|
2c3644a510
|
Make Action/Inline binary options into a bitmap
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 14:15:43 -07:00 |
|
Tom Eastep
|
407bc8f8db
|
More prerule fixes in expand_rule()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 12:57:23 -07:00 |
|
Tom Eastep
|
2743a411ae
|
Add a jump to DOCKER from OUTPUT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 12:51:36 -07:00 |
|
Tom Eastep
|
1a23e840d7
|
Restore NotSyn rule in action.Reject
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 12:21:24 -07:00 |
|
Tom Eastep
|
bed747c20b
|
Restore NotSyn and RST logic using perl_action_tcp_helper()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 10:49:23 -07:00 |
|
Tom Eastep
|
c2fd48c4c6
|
Include pre-rule matches when the target is a chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 10:08:17 -07:00 |
|
Tom Eastep
|
054637880b
|
Cleanup of Standard Actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-13 10:06:02 -07:00 |
|
Tom Eastep
|
5f01bc75bd
|
Better fix for $current_param in the INLINE block of process_rule()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 18:28:27 -08:00 |
|
Tom Eastep
|
0e59b82503
|
Handle '+' in inline matches the mangle and masq files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 17:14:15 -08:00 |
|
Tom Eastep
|
33343aaf17
|
Modify TCP-specific actions to use + in inline_matches
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 17:01:52 -08:00 |
|
Tom Eastep
|
90ace544eb
|
Implement '+' to specify inline matches as "early"
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 16:39:46 -08:00 |
|
Tom Eastep
|
c36cee28fb
|
Save/Restore $current_param in process_inline()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 16:39:08 -08:00 |
|
Tom Eastep
|
df5f34951c
|
Correct actions
- Restore the TCP-related actions
- Correct typo in action.Drop
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 15:09:31 -08:00 |
|
Tom Eastep
|
ec2ebee0e6
|
Clear inline matches between calls to process_rule()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 15:08:47 -08:00 |
|
Tom Eastep
|
a50c52675b
|
Correct a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 15:08:04 -08:00 |
|
Tom Eastep
|
bb7b3123df
|
Eliminate ?begin perl ... ?end Perl in many actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 12:15:07 -08:00 |
|
Tom Eastep
|
3960fa6e0e
|
Performance tweak to read_a_line()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-12 09:05:30 -08:00 |
|
Tom Eastep
|
a7fda02d88
|
Print lines copied into the generated script when tracing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-03-11 15:59:49 -08:00 |
|