Tom Eastep
aa47554604
Add 'noupdate' DYNAMIC_BLACKLIST option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-06 10:14:32 -07:00
Tom Eastep
07160c5ed1
Add 'blacklist!' command.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-06 10:13:46 -07:00
Tom Eastep
527533ecb6
Add 'log' option to DYNAMIC_BLACKLIST
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-03 14:28:08 -07:00
Tom Eastep
4ac64a545c
Change log facility to 'daemon'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-03 13:49:10 -07:00
Tom Eastep
6612ea6b8c
Store the exported configuration paramaters in a named array
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-03 11:50:27 -07:00
Tom Eastep
2646ec79a5
Read the params file when processing an 'allow' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-03 11:39:42 -07:00
Tom Eastep
023437a0e0
Add target files 5.2.5-Beta1
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-01 10:07:23 -07:00
Tom Eastep
ffb6ac178e
Shorten the disposition in ADD/DEL log messages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-01 09:36:00 -07:00
Tom Eastep
5af7dce96b
Merge branch 'master' of ssh://gitlab.com/shorewall/code
2020-05-31 14:03:23 -07:00
Tom Eastep
eb5bc3d8a4
Create DBL ipset with 'timeout 0'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-05-31 12:37:42 -07:00
Tom Eastep
16a3384a70
Add an example of using 'blacklist ... timeout nnn'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-05-30 19:57:37 -07:00
Tom Eastep
67b421dc00
Correct a comment in the optimize level 8 code
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-05-21 11:37:04 -07:00
Matt Darfeuille
c518887a19
Reflect changes in tools repository
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-05-21 10:40:14 -07:00
Tom Eastep
5493a7e4a6
Merge branch '5.2.4'
2020-05-17 13:20:46 -07:00
Tom Eastep
1093f1ac32
Add target files 5.2.4.5
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-05-14 09:43:10 -07:00
Tom Eastep
7882c87afe
Allow AUTOMAKE to work with symbolic links
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-05-14 09:22:44 -07:00
Tom Eastep
7343b19abc
Clarify the 'optional' interface option.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-05-13 12:30:12 -07:00
Tom Eastep
f27ab4704c
Merge branch '5.2.4'
2020-04-30 11:18:18 -07:00
Tom Eastep
e5e8e6fbc0
Correct logic for deleting ipsets
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-29 13:07:04 -07:00
Tom Eastep
c11b647b1b
Fix defect which prevented dynamic blacklist ipsets from being created
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-29 12:34:41 -07:00
Tom Eastep
5706c5a860
Avoid hang during 'shorewall[6] start'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-29 12:33:50 -07:00
Tom Eastep
fd1d4a3f35
Update Shared Config Doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-25 14:48:45 -07:00
Tom Eastep
2bf9048057
Another Debian if_pre-down fix.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-24 16:47:42 -07:00
Tom Eastep
d618fd5812
Remove extraneous whitespace
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-23 20:31:07 -07:00
Tom Eastep
177cdb1b98
Move a block of code to keep function declarations adjacent
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-23 18:37:47 -07:00
Tom Eastep
dddde56454
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
...
# Conflicts:
# Shorewall-init/install.sh
# Shorewall/Perl/Shorewall/Providers.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-23 18:35:11 -07:00
Tom Eastep
9b196e87e9
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
...
# Conflicts:
# Shorewall-init/shorewall-init
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-23 18:27:54 -07:00
Tom Eastep
c30a4fd080
Merge branch '5.2.4' of ssh://server.shorewall.net/home/teastep/shorewall/code into 5.2.4
...
# Conflicts:
# Shorewall/Perl/Shorewall/Chains.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-22 16:27:03 -07:00
Tom Eastep
0a9d2d9a33
Don't install script in if_down.d on Debian
...
- Eliminates need for Debian-specific code in generated script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-22 13:47:09 -07:00
Tom Eastep
39de88563f
Cleanup of Optimize 16 change
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-21 13:02:56 -07:00
Tom Eastep
e14798b4a2
Make OPTIMIZE=16 an order of magnitude faster
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-21 13:02:34 -07:00
Tom Eastep
3042ae815e
Make OPTIMIZE=16 an order of magnitude faster
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-20 15:00:33 -07:00
Tom Eastep
86ebb22dd3
Cosmetic changes to shorewall-init
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-20 10:29:36 -07:00
Tom Eastep
18360471ab
Have Shorewall-init restore ipsets before stopping the firewalls
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-20 09:23:34 -07:00
Tom Eastep
086f7a0e6d
Only destroy ipsets that will be restored
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-20 09:11:03 -07:00
Tom Eastep
057a2dec70
Correct typo with bad consequences
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-19 18:44:19 -07:00
Tom Eastep
16af9ee2de
Revert "Don't install ifupdown script in if-down.d on Debian"
...
This reverts commit 7d4d409799
.
2020-04-19 15:19:13 -07:00
Tom Eastep
cabadd4846
Honor 'wait=<seconds> when enabling an interface.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-19 14:31:12 -07:00
Tom Eastep
3c06be28be
Delete unnecessary check if IPv6 interface_is_usable()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-19 12:28:16 -07:00
Tom Eastep
7d4d409799
Don't install ifupdown script in if-down.d on Debian
...
- Proper location for the script is if-post-down
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-19 12:18:44 -07:00
Tom Eastep
32ca53706c
Don't run the 'up' command twice when an dual-stack interface comes up
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-18 12:44:19 -07:00
Tom Eastep
0adb9c8f87
Don't run the 'up' command twice when an dual-stack interface comes up
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-18 12:43:27 -07:00
Tom Eastep
381d55760b
Don't install ifupdown script in /etc/network/if-down.d on Debian
...
- Network Manager sets PHASE=post-down when calling our updown script
so we must process down commands in that phase.
- Modify the generated script to eliminate PHASE checks.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-18 11:42:32 -07:00
Tom Eastep
88a799b860
Allow IFUPDOWN=1 to work on Debian
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-18 11:27:15 -07:00
Tom Eastep
5101a6be4a
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
2020-04-18 09:36:20 -07:00
Tom Eastep
15ca726c49
Add target files 5.2.4.1
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-17 17:56:06 -07:00
Tom Eastep
27510d9ed6
Add a comment to clarify where info comes from
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-16 15:20:24 -07:00
Tom Eastep
f832846a8d
Remove extraneous white space
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-16 14:05:07 -07:00
Tuomo Soini
64bf5882db
ifupdown: only handle up and down state changes
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-16 14:02:15 -07:00
Tuomo Soini
6841fc9eb2
Ignore 'start' and 'stop' if firewall product is active
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-04-16 13:32:19 -07:00