Tom Eastep
|
a7cacdfee3
|
Allow SAVE and RESTORE in the INPUT chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-20 08:09:09 -08:00 |
|
Tom Eastep
|
111c454193
|
Make leading SHELL case-sensitive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-13 07:04:20 -08:00 |
|
Tom Eastep
|
97846e14de
|
Correct handling of ipsets in one of the PORTS columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-09 09:28:08 -08:00 |
|
Tom Eastep
|
07c21b8968
|
Add 'primary' provider option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-06 09:06:27 -08:00 |
|
Tom Eastep
|
668759edad
|
Catch parameter problems with TARPIT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-04 11:09:39 -08:00 |
|
Tom Eastep
|
0f1f54b57b
|
Tweak loopback change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-04 11:00:02 -08:00 |
|
Tom Eastep
|
60d5a177a3
|
Use the 'Iface Match' capability for loopback traffic.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-04 09:46:39 -08:00 |
|
Tom Eastep
|
3ed5ced581
|
Correct syntax error introduced in Beta 2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-04 08:35:33 -08:00 |
|
Tom Eastep
|
7dd9ccd06b
|
Add the 'loopback' interface option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-03 09:22:40 -08:00 |
|
Tom Eastep
|
4a4bfe77ce
|
Implement IFACE_MATCH capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-02 09:05:06 -08:00 |
|
Tom Eastep
|
3890b8a884
|
Infrastructure for detecting loopback interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-02 08:49:38 -08:00 |
|
Tom Eastep
|
551a16d18f
|
Document TARPIT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2015-01-01 09:14:00 -08:00 |
|
Tom Eastep
|
d1b597394f
|
Correct typo (TARPIT_MATCH -> TARPIT_TARGET)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-30 10:22:33 -08:00 |
|
Tom Eastep
|
15a2fd14f9
|
Implement TARPIT target
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-28 15:23:30 -08:00 |
|
Tom Eastep
|
f96baca780
|
Use the readable representation of the SHA1 digest in the chain table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-27 11:13:10 -08:00 |
|
Tom Eastep
|
1b5f439609
|
Rewrite 'process_actions'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-27 09:28:02 -08:00 |
|
Tom Eastep
|
1655054de2
|
Rename 'externalize' to 'external_name'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-27 09:19:00 -08:00 |
|
Tom Eastep
|
89877ed3f7
|
Rename 'policy_rules' to 'add_policy_rules'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-26 15:58:13 -08:00 |
|
Tom Eastep
|
9649107a8e
|
Rename 'apply_policy_rules' to 'complete_policy_chains'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-26 15:53:50 -08:00 |
|
Tom Eastep
|
33eb47a48a
|
Reorder parameters and change identifiers in set_policy_chain()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-26 15:47:50 -08:00 |
|
Tom Eastep
|
6a15cead52
|
Cosmetic/commentary changes to the Config Module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-23 15:25:20 -08:00 |
|
Tom Eastep
|
f925358872
|
Minor Compiler Reorganization
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-23 12:27:37 -08:00 |
|
Tom Eastep
|
35fc7b34b8
|
Minor code tweak
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-20 15:09:21 -08:00 |
|
Tom Eastep
|
79430673b8
|
Correct handling of duplicate states in the mangle file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-16 19:08:25 -08:00 |
|
Tom Eastep
|
695db284c0
|
Improve Mark Range Implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-15 11:19:23 -08:00 |
|
Tom Eastep
|
807b9ca627
|
Revert "Improve handling of mark ranges"
This reverts commit 62f480897e .
|
2014-12-15 09:39:24 -08:00 |
|
Tom Eastep
|
62f480897e
|
Improve handling of mark ranges
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-14 09:13:41 -08:00 |
|
Tom Eastep
|
2d7025dcc3
|
Correct mark range handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-12-13 08:31:31 -08:00 |
|
Tom Eastep
|
a833815b31
|
Correct IPv6 handling of LOG_BACKEND=LOG
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-15 08:56:42 -08:00 |
|
Tom Eastep
|
9241552c52
|
Make emacs sh-mode work better with lib.core
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-14 16:28:44 -08:00 |
|
Tom Eastep
|
16c1809ef2
|
Apply Alan Barrett's dhclient patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-14 13:39:23 -08:00 |
|
Tom Eastep
|
9a6047b3c4
|
Correct reversed naming of SHA chains
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-06 08:18:52 -08:00 |
|
Tom Eastep
|
5b4e3bc07c
|
Accomodate new module names for LOG_BACKEND
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-05 12:51:24 -08:00 |
|
Tom Eastep
|
dc3f163e71
|
Change the names of the sha1 chains for uniqueness
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-04 17:54:38 -08:00 |
|
Tom Eastep
|
8c0c1bd1e0
|
Omit the 'shorewall' chain from .ip[6]tables-restore-input
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-02 08:16:47 -08:00 |
|
Tom Eastep
|
8b825c4c4c
|
Avoid failure of ip[6]tables-restore.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-02 07:56:05 -08:00 |
|
Tom Eastep
|
9598ac6fad
|
Correct a couple of problems with -C
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-01 10:09:04 -07:00 |
|
Tom Eastep
|
8fb73026c8
|
Replace SAVE_COUNTERS with the -C command option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-11-01 09:37:57 -07:00 |
|
Tom Eastep
|
4546cbaff7
|
Use chains with names derived from a digest to identify ruleset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-31 11:36:53 -07:00 |
|
Tom Eastep
|
a83c146636
|
Cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-30 20:27:06 -07:00 |
|
Tom Eastep
|
2ffc97867c
|
Correct syntax error in the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-30 19:59:20 -07:00 |
|
Tom Eastep
|
f08803e293
|
Preserve counts on 'restart' without compilation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-30 18:38:45 -07:00 |
|
Tom Eastep
|
3454e10525
|
Add SAVE_COUNTERS option.
- Also implement recover command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-30 08:57:56 -07:00 |
|
Tom Eastep
|
edc30fcc8d
|
Process the params file with SHOREWALL_SHELL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-29 12:22:00 -07:00 |
|
Tom Eastep
|
85e5669fc7
|
Rename function interface_up() to interface_enabled()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-27 18:38:22 -07:00 |
|
Tom Eastep
|
f5bdc9e7f4
|
Allow two limits in the RATE LIMIT columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-22 11:21:43 -07:00 |
|
Tom Eastep
|
3bae6e61cf
|
Eliminate syntax errors in the generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-07 07:53:26 -07:00 |
|
Tom Eastep
|
5204cbc95f
|
Suppress 'No ipsets were saved' warning when SAVE_IPSETS=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-07 07:50:12 -07:00 |
|
Tom Eastep
|
ea1b8ac63a
|
Correct handling of empty LOG_BACKEND
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-10-07 07:34:55 -07:00 |
|
Tom Eastep
|
820c769499
|
Correct silly bug in last change
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-09-29 07:08:39 -07:00 |
|