Commit Graph

146 Commits

Author SHA1 Message Date
teastep
d34d2e1393 Handle traffic from IPSEC hosts before traffic from non-IPSEC zones
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1669 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-09 00:06:45 +00:00
teastep
acc389ff68 Add AllowICMPs action and invoke from Drop and Reject
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1668 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-08 00:17:55 +00:00
teastep
aeb3d2cea2 Add AllowICMPs action and invoke from Drop and Reject
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1666 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-07 22:56:35 +00:00
teastep
ce9fa5ae75 Add 'sourceroute' interface option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1658 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-10-03 00:44:12 +00:00
teastep
7a74380f7e Fix log rule number generation and implement LOGTAGONLY
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1649 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-25 17:18:25 +00:00
teastep
d8d466530f Fix DELAYBLACKLISTLOAD=No
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1637 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-23 14:30:54 +00:00
teastep
e330130881 Avoid double-setting proxy arp flags
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1630 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-16 19:30:54 +00:00
teastep
b28d49a397 DELAYBLACKLISTLOAD
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1623 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-15 20:04:36 +00:00
teastep
0a87d4db6a Allow bang range; relax OpenVPN source port restriction
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1621 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-13 22:16:15 +00:00
teastep
ec8e01d09c Add RETAIN_ALIASES option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1620 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-11 16:16:34 +00:00
teastep
4ea801abb5 Fix complex proxy arp handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1618 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-10 21:41:10 +00:00
teastep
247b48533c Remove 'logunclean' and 'dropunclean'
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1615 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-09 20:42:50 +00:00
teastep
6f48c5e030 Fixes for iprange implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1614 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-09 20:18:49 +00:00
teastep
31d3885f4e Add support for CLASSIFY
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1610 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-08 20:13:31 +00:00
teastep
876b519b1a Add iprange support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1609 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-08 18:46:57 +00:00
teastep
07bc13f983 Allow ip range in the rule SOURCE
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1608 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-07 21:51:02 +00:00
teastep
5cf57190fb Fix shorewall.spec so that Shorewall will start up at boot
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-06 23:46:26 +00:00
teastep
b86d3f03d9 Don't NAT tunnel traffic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1605 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-06 19:58:10 +00:00
teastep
0649e6ad70 Verify physdev match if BRIDGING=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1602 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-05 23:43:08 +00:00
teastep
3ede79187f Fix tcrules PROTO processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1593 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-09-02 17:12:39 +00:00
teastep
8aab6ce8c6 Apply Richard Musil's patch
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1589 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-29 17:21:16 +00:00
teastep
0875484d8f Update for 2.1.7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1586 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-27 22:16:22 +00:00
teastep
daae61131e Add user accounting; add SNAT/MASQ port remapping
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1579 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-26 20:59:39 +00:00
teastep
420c4803bd Add negative policy tests
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1570 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-21 21:47:16 +00:00
teastep
414356a535 Update for 2.1.6
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1563 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-20 18:02:59 +00:00
teastep
d282947ccf Add IN and OUT SA options
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1561 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-20 15:37:56 +00:00
teastep
83ad53d6bf Deprecate the -c option in /sbin/shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1560 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-19 22:22:49 +00:00
teastep
16487eb51a New IPSEC Options
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1554 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-18 22:29:09 +00:00
teastep
af8baff5cb Apply policy to interface/host option rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1546 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-16 16:28:44 +00:00
teastep
e034b345ea Update release nodes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1545 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-15 20:18:49 +00:00
teastep
bbe514b417 Add 'allowBcast' standard action
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1539 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 20:44:15 +00:00
teastep
fae7312553 Relax source port = 500 ISAKMP restriction
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1538 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 19:03:10 +00:00
teastep
24e6d1191d IPSEC 2.6 Fixes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1537 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 18:39:09 +00:00
teastep
7d85e8d36c Back out DNAT ONLY change; fix new IPSEC
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1536 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-14 16:05:28 +00:00
teastep
a193b7bbba Remove SNAT in DNAT rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1532 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-11 00:17:54 +00:00
teastep
3aff092003 Add DNAT ONLY column to /etc/shorewall/nat
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1531 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-10 20:18:15 +00:00
teastep
c8cc0c0212 Add note about the renaming of the LEAF/Bering file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1527 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-09 14:52:35 +00:00
teastep
11c1e325ef Update for Shorewall 2.1.3
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1525 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-07 15:27:52 +00:00
teastep
84cb8c445d First Cut at Kernel 2.6 IPSEC Support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1522 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-06 15:35:05 +00:00
teastep
d8a733aac0 Bring forward some changes from 2.0.8; Improve error messages; Implement STARTUP_ENABLED
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1519 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-08-02 21:48:40 +00:00
teastep
f82055bca8 More cleanup of action logging
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1502 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-28 19:22:00 +00:00
teastep
bd6192dc18 First cut of new action logging implementation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1500 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-28 02:36:40 +00:00
teastep
4ad2796b2b All Shorewall config files except shorewall.conf are now empty
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1495 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-25 01:30:09 +00:00
teastep
3e90e68a7a All Shorewall config files except shorewall.conf are now empty
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1494 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-24 22:17:13 +00:00
teastep
c17a49ff86 All Shorewall config files except shorewall.conf are now empty
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1493 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-24 22:14:58 +00:00
teastep
997c722946 Allow overriding ADD_IP_ALIASES
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1480 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-15 20:29:06 +00:00
teastep
5de1720a9e SNAT Enhancements
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1471 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-13 00:33:30 +00:00
teastep
081bd461a2 PKTTYPE ported from 2.0.6
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1470 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-12 13:01:55 +00:00
teastep
da3e9e46db Fix more $RESTOREBASE bugs; fix COMMAND typos
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1462 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-10 17:03:31 +00:00
teastep
2b3606dd25 Fix logging nat rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1455 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-07-06 20:41:53 +00:00