extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-07-31 10:48:35 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,080 Commits 104 Branches 736 Tags
a2f1c5724660f3937da0e010cdf88ea70fb6d1e8
Commit Graph

817 Commits

Author SHA1 Message Date
Tom Eastep
a2f1c57246 Add DNSAmp action 
- Allow escaping '@' allowing u32 in action body
- Allow inline matches in actions

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-08-03 15:11:25 -07:00
Tom Eastep
461f7b10ba Detect Arptables JF capability when LOAD_HELPERS_ONLY = No. 
- Move detection of Header Match to its proper ordinal.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-07-20 07:19:02 -07:00
Tom Eastep
2c9eda9cee Add some white space for readability 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-07-19 18:33:02 -07:00
Tom Eastep
64fc3d2e43 Correct a typo that caused iset couter match to be mis-detected 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-07-19 10:27:29 -07:00
Tom Eastep
d0aed87546 Correct IPV6 ipset capabilities checking on 3.14 kernels 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-07-19 10:25:46 -07:00
Tom Eastep
56fa6bd78a Revert "Correct ipset detection on later kernels." 
This reverts commit b207f64a85.
 2014-07-19 10:22:12 -07:00
Tom Eastep
b207f64a85 Correct ipset detection on later kernels. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-07-19 08:55:02 -07:00
Tom Eastep
9f381209d5 Detect HEADER_MATCH when LOAD_MODULES_ONLY=No 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-07-19 07:20:28 -07:00
Tom Eastep
ba3a7d0621 Do not deprecate USE_DEFAULT_RT 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-04-19 07:53:18 -07:00
Tom Eastep
acda5482c4 If USE_DEFAULT_RT isn't specified, make it 'No' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-04-18 13:22:58 -07:00
Tom Eastep
b3cd9ab15a Default to LOAD_HELPERS_ONLY=Yes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-04-12 11:05:28 -07:00
Tom Eastep
093ff580b5 Deprecate USE_DEFAULT_RT=No. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-03-09 07:48:05 -07:00
Tom Eastep
cea237620a Change USE_DEFAULT_RT default to 'Yes'. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-03-09 07:42:22 -07:00
Tom Eastep
454e53bcfa Reformat preceding patch and correct syntax errors. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-02-25 13:21:23 -08:00
Tom Eastep
66fdc9f6a7 Call directive_callback for directives without '?' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-02-25 12:48:25 -08:00
Tom Eastep
3e87efc82b Document -t option 
- Also copy compiler directives to the mangle file.
 2014-02-17 12:50:59 -08:00
Tom Eastep
669d15e2cf Implement the -t update option. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-02-15 09:36:13 -08:00
Tom Eastep
2dbcd36a9c Implement BASIC_FILTERS 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-02-04 16:34:03 -08:00
Tom Eastep
42dd8dfee9 Change license to GPLv2+ and update copyrights 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-01-04 09:48:27 -08:00
Tom Eastep
5a7e458104 Backout ematch stuff for now 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-01-03 12:01:56 -08:00
Tom Eastep
7e1a310929 Implement ipset matches in tcfilters 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-01-03 09:35:34 -08:00
Tom Eastep
1771bb75cf Finish ipset match option implementation. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-01-02 14:43:55 -08:00
Tom Eastep
b4847d6a01 New IPSET MATCH extensions 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2014-01-02 09:36:35 -08:00
Tom Eastep
66a04e4819 Allow inline matches with IP[6]TABLES 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-12-29 10:13:00 -08:00
Tom Eastep
c8866ef8bf Correct handling of columns with embedded spaces 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-12-29 08:56:14 -08:00
Tom Eastep
2894bb9656 Move INLINE processing into the Chains module. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-12-16 12:31:35 -08:00
Tom Eastep
4e4e7cac1d Redefine the -i option 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-12-15 11:23:20 -08:00
Tom Eastep
6d72cb3138 Correct update inline 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-12-15 09:32:09 -08:00
Tom Eastep
9abe60bc27 Implement the -i option of upgrade 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-12-14 17:54:10 -08:00
Tom Eastep
33c5893bdb Implement INLINE_MATCHES 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-12-14 13:35:01 -08:00
Tom Eastep
75258083e3 Cleanup of column splitting change. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-12-01 09:24:49 -08:00
Tom Eastep
bf44e514e3 Keep parentheses balanced when splitting a line. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-11-30 14:13:42 -08:00
Tom Eastep
e5d250750b Correct handling of ?SECTION 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-11-27 07:53:33 -08:00
Tom Eastep
d63262a0cb change ZONE2ZONE default to '-'. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-11-24 08:16:28 -08:00
Tom Eastep
3870157898 Issue warning on bare SECTION headings. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-11-24 07:58:02 -08:00
Tom Eastep
80d54ec40b Implement ?SECTION 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-11-18 06:57:54 -08:00
Tom Eastep
0e61c2f210 Correct H323 and netbios-ns handling. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-10-08 09:20:46 -07:00
Tom Eastep
8c4bbf0c85 Implement REAP_OPTION capability 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-10-07 07:54:52 -07:00
Tom Eastep
d7cbd1da21 Allow actions to manipulate the current comment from Perl. 
- Added set_comment()
- moved push/pop_comment() to the :DEFAULT export
 2013-09-23 12:21:44 -07:00
Tom Eastep
dc5c0dc069 Validate default log levels 
- Name the .conf option involved in error messages

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-09-06 16:00:15 -07:00
Tom Eastep
87ae801c15 Use the -w ip[6]tables option when available. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-09-04 10:16:36 -07:00
Tom Eastep
67603c5eb3 Implement REJECT_ACTION 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-09-01 09:14:10 -07:00
Tom Eastep
a10aea280b Add some abbreviations for common commands 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-08-06 07:05:47 -07:00
Tom Eastep
83d1aa6682 Allow OPTIMIZE=All 
- Remove use of literal 4096 from OPTIMIZATION checks.
- Moved constant declarations to the Config module.
- Documented that level 1 is ignored when level 4 is specified.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-07-29 10:08:35 -07:00
Tom Eastep
aabb22a50f Add the TRACK_RULES option 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-07-24 07:22:51 -07:00
Tom Eastep
7aa33c140d Add an AutoBL action with helper AutoBLL 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-07-17 10:19:18 -07:00
Tom Eastep
09240da55a Change the external name of MARK_ANYWHERE to 'Mark in the filter table' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-07-12 09:45:20 -07:00
Tom Eastep
9535a7d7df Rename 'Trigger' to 'Event' and document 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-07-11 10:39:21 -07:00
Tom Eastep
3c6df56b57 Implement Triggers 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-07-10 13:27:58 -07:00
Tom Eastep
948a7fccc2 Enhance a comment 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2013-07-07 12:52:04 -07:00