483 Commits

Author	SHA1	Message	Date
Tom Eastep	afaf0d9de8	Trivial optimiation in validate_level() ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-11-13 06:19:40 -08:00
Tom Eastep	28a1087cd4	Cleanup of rewritten validate_level() ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-11-13 05:58:59 -08:00
Tom Eastep	73ed66b9b9	Add ULOG and NFLOG capabilities plus LOGMARK for IPv6 ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-11-12 14:10:48 -08:00
Tom Eastep	d053faadde	Allow convertion of a legacy blacklist configuration ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-11-08 12:59:40 -08:00
Tom Eastep	6108a9cad8	Delete BLACKLISTSECTION ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-11-06 14:46:14 -08:00
Tom Eastep	1091c24348	Implement the BLACKLISTSECTION option ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-11-06 08:43:38 -08:00
Tom Eastep	8b8140cc9f	Add 'Basic Filter' capability ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-11-01 06:34:57 -07:00
Tom Eastep	f3b5d5585f	Correct detection of FLOW_FILTER ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-11-01 06:21:34 -07:00
Tom Eastep	0a5d5821ec	Support additional forms of column/value pair specification ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-10-02 11:45:55 -07:00
Tom Eastep	e728d663f9	Implement IPTABLES_S capability ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-10-01 13:54:52 -07:00
Tom Eastep	f6092ee52d	Eliminate the maxcolumns argument to the split_line functions ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-10-01 11:39:12 -07:00
Tom Eastep	072f4752fc	Get rid of minimum column requirement ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-10-01 09:56:25 -07:00
Tom Eastep	c76957cc39	Reword an error message ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-09-26 08:51:05 -07:00
Tom Eastep	4c7f1a03a0	Catch multiple semicolons on a line. ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-09-26 07:42:44 -07:00
Tom Eastep	9a4dfc4394	Implement an alternate way of specifying column contents. ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-09-25 17:08:53 -07:00
Tom Eastep	40bc6df07a	Correct handling of SWITCH column ... - Handle exclusion - Correctly detect CONDITION_MATCH at compile time - Include condition match in the filter part of a NAT rule Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-09-23 15:01:40 -07:00
Tom Eastep	75b4540d26	Add support for condition match in the rules file ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-09-21 15:20:50 -07:00
Tom Eastep	e46b76789e	Better way of handling environmental variables with embedded quotes. ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-09-11 09:55:25 -07:00
Tom Eastep	8ce60ce825	Don't emit dangerous %ENV entries to the generated script ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-09-10 08:18:46 -07:00
Tom Eastep	0b2a8b12c7	Implement Stateless NAT support. ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-08-14 12:01:17 -07:00
Tom Eastep	97121116a3	Add rawpost table detection ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-08-13 11:14:29 -07:00
Tom Eastep	b1b323191c	Merge branch '4.4.22'	2011-08-11 20:19:47 -07:00
Tom Eastep	786455b287	Unlink .bak file if no changes to .conf. ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-08-11 20:19:30 -07:00
Tom Eastep	4824c9b8ff	Add QUOTA_MATCH capability ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-08-08 14:37:47 -07:00
Tom Eastep	b0fe8e1e60	Merge branch '4.4.22'	2011-08-03 07:20:57 -07:00
Tom Eastep	a548bddea8	Remove she-bang from first line of prog.header* ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-08-03 07:20:34 -07:00
Tom Eastep	679de4ccf6	Apply Orion Poplawski's 'qtnoin' patch ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-08-02 16:51:49 -07:00
Tom Eastep	50a29f6858	Correct detection of OLD_IPSET_MATCH when LOAD_MODULES_ONLY=No ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-08-02 11:58:54 -07:00
Tom Eastep	42ae3ba581	Cleaner fix for TCP_FLAGS_DISPOSITION ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-30 06:57:18 -07:00
Tom Eastep	d9fe6e7a42	Handle missing TCP_FLAGS_DISPOSITION setting ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-28 15:56:34 -07:00
Tom Eastep	a992ec594a	Accomodate kernel version 3.0 ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-27 17:03:27 -07:00
Tom Eastep	bfd63dcace	Revert LOGLIMIT conversion change ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-22 07:53:30 -07:00
Tom Eastep	2adf2883d5	Revert addition of do_i functions. ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-22 07:23:13 -07:00
Tom Eastep	0791ea6698	Make 'KLUDGEFREE' a global to make it faster to test. ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-21 12:57:20 -07:00
Tom Eastep	705ffbca49	Fix for LOGMARK(<list>) ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-20 17:33:31 -07:00
Tom Eastep	f8be76f471	Make LOGMARK work without a parameter. ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-19 11:57:12 -07:00
Tom Eastep	8b56e16bf9	Fix LOGMARK ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-19 06:54:41 -07:00
Tom Eastep	b2305ca9cf	Convert Tunnels file to use irules ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-17 11:33:01 -07:00
Tom Eastep	f3f535abac	POC of new rule interface ... Also removed FAKE_AUDIT option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-17 08:35:09 -07:00
Tom Eastep	0f742187ae	Implement intermediate rule representation ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-16 09:41:53 -07:00
Tom Eastep	d1b8d7b953	Make perl modules version-neutral ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-10 15:10:27 -07:00
Tom Eastep	e1d8d71348	Version to 4.4.22 Beta 1 ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-04 09:36:54 -07:00
Tom Eastep	24deabb03f	Merge branch '4.4.21'	2011-07-03 08:48:27 -07:00
Tom Eastep	9691a8ceb3	Don't collapse '-' and '--' in @actparms ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-03 08:47:53 -07:00
Tom Eastep	029ac610fe	Merge branch '4.4.21'	2011-07-03 07:23:09 -07:00
Tom Eastep	d31e2d67ba	DEFAULTS directive enforces max number of parameters ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-03 07:22:29 -07:00
Tom Eastep	d99090978d	Merge branch '4.4.21'	2011-07-03 06:40:08 -07:00
Tom Eastep	7e3f97c154	Prepare for more parameterized actions ... - Export add_commands, incr_cmd_level and decr_cmd_level by default - Move ensure_audit_chain and require_audit from Rules.pm to Chains.pm - Add get_action_logging() function - Export require_capability and have_capability by default Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-03 06:22:51 -07:00
Tom Eastep	ad71faacaa	Correct push_action_params() ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-02 17:02:39 -07:00
Tom Eastep	42aa3724af	Trace system calls when debugging ... Signed-off-by: Tom Eastep <teastep@shorewall.net>	2011-07-02 08:37:57 -07:00