extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-16 04:33:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,222 Commits 104 Branches 736 Tags 55 MiB
b0447b8bd3
Commit Graph

3969 Commits

Author SHA1 Message Date
Tom Eastep
981b503fa4 Bump version to Beta 4 2011-05-22 11:05:22 -07:00
Tom Eastep
c56fe3448a Update release documents 2011-05-22 11:03:57 -07:00
Tom Eastep
529e256856 Assigned unused dev numbers 2011-05-22 10:18:26 -07:00
Tom Eastep
db6091f101 Avoid dependence on 'make' 2011-05-22 09:47:57 -07:00
Tom Eastep
99cb09bd84 Documentation update 1 for AUDIT supportttt 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-21 16:25:38 -07:00
Tom Eastep
83cdf78b18 Replace A_* builtin actions with builtin targets 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-21 15:02:04 -07:00
Tom Eastep
d9b095bdea Document new features 2011-05-21 12:07:23 -07:00
Tom Eastep
71ef1f48e2 Allow auditing of the builtin actions 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-21 10:38:25 -07:00
Tom Eastep
82d6a00c9e Implement some extentions to AUDIT 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-21 09:25:58 -07:00
Tom Eastep
61b5dbbb95 Eliminate cruft left over from when Action.pm and Policy.pm were folded into Rules.pm - Phase II 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-20 10:48:28 -07:00
Tom Eastep
f64e171c19 Eliminate cruft left over from when Action.pm and Policy.pm were folded into Rules.pm 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-20 10:46:18 -07:00
Tom Eastep
ac2e9cce64 Shrink process_actions2 further. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-20 10:28:30 -07:00
Tom Eastep
676af32ebc Simplify a loop in process_actions2() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-20 10:11:23 -07:00
Tom Eastep
7cbf113ba0 Simplify an RE 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-20 08:33:36 -07:00
Tom Eastep
d15475efae Cleanup of AUDIT before Beta 3 
- Correct merge snafus
- Rename the new actions (e.g., ADROP->A_DROP)
- Correct MACLIST_DISPOSITION logic
 2011-05-20 07:47:35 -07:00
Tom Eastep
e9df13a42b Resolve merge conflicts 2011-05-19 15:10:22 -07:00
Tom Eastep
2e93b95afe Clean up release notes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-19 14:57:16 -07:00
Tom Eastep
5e68dbfa9a Complete first attempt at AUDIT support 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-19 12:06:43 -07:00
Tom Eastep
814494e277 More AUDIT changes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-19 08:35:40 -07:00
Tom Eastep
d2ab27c071 More AUDIT changes 2011-05-18 21:25:57 -07:00
Tom Eastep
ce8df2f66c Revert "Bump version to Beta 3" 
This reverts commit 465e729288.
 2011-05-18 17:50:12 -07:00
Tom Eastep
465e729288 Bump version to Beta 3 2011-05-18 17:08:07 -07:00
Tom Eastep
314921f766 Revert "Set quantum in subordinate SFQ class to the MTU for HFSC parents." 
This reverts commit 5ab6f8e0e5.
 2011-05-18 11:13:50 -07:00
Tom Eastep
166d27f6d4 Minor tweak to blacklisting 
Reverse order of tests for 'from' and 'src'.
Use equivalent logic for generating unknown option error

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-18 11:13:03 -07:00
Tom Eastep
5ab6f8e0e5 Set quantum in subordinate SFQ class to the MTU for HFSC parents. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-18 10:34:46 -07:00
Tom Eastep
0e59932b8d Correct known problems 2011-05-18 10:14:20 -07:00
Tom Eastep
568e54b50d Update version to Beta 2 2011-05-18 09:58:35 -07:00
Tom Eastep
e940f5018e Implement whitelisting. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-18 08:30:01 -07:00
Tom Eastep
cec07a6be5 Don't apply HTB quantum to HFSC 2011-05-17 18:34:41 -07:00
Tom Eastep
8d12e13ff1 Improve wording in the change log 2011-05-17 13:55:00 -07:00
Tom Eastep
495aa9b9ac Implement NFLOG accounting action. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-17 13:42:13 -07:00
Tom Eastep
fd70e73d34 Add ACCOUNTING_TABLE option 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-17 12:51:33 -07:00
Tom Eastep
680ca519ed Correct deletion of ipv6 'shorewall' chain 2011-05-17 11:33:56 -07:00
Tom Eastep
11ff245697 Don't generate refresh rules unless the command is 'refresh' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-16 13:08:32 -07:00
Tom Eastep
ffe7a1b777 Avoid inconsistencies and errors in refresh 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-16 11:34:41 -07:00
Tom Eastep
30f2fbff60 Issue warning on missing IPSET 2011-05-15 11:48:34 -07:00
Tom Eastep
72a330cba2 Don't emit degenerate tcfilters 2011-05-15 10:57:02 -07:00
Tom Eastep
e459fbf997 Don't allow non-leaf default class 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-15 10:56:46 -07:00
Tom Eastep
3f90f00081 Issue warnings and ignore non-leaf class in tcfilters and tcrules 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-15 10:56:31 -07:00
Tom Eastep
7d25f6356b Augment a comment 2011-05-15 08:45:41 -07:00
Tom Eastep
c247140063 Restore 'our' to a couple of exported variables in the Config module 2011-05-14 14:18:22 -07:00
Tom Eastep
00add745b7 Use -o when copying routing tables 2011-05-14 13:56:39 -07:00
Tom Eastep
05e385a748 Only use 'our' when required 2011-05-14 13:21:31 -07:00
Tom Eastep
0626594cda Restore accuracy of tcclasses diagram 2011-05-14 09:27:51 -07:00
Tom Eastep
7327c24f14 Document that non-leaf tcrules and tcfilters are ignored 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-14 07:22:20 -07:00
Tom Eastep
5f4d40019e Update release notes with relative/absolute path behavior. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-14 06:18:39 -07:00
Tom Eastep
f75961dc63 Ensure absolute path name in LIBEXEC and PERLLIB 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-14 05:31:19 -07:00
Tom Eastep
6d7ebb14b8 Update trunk's release notes and change log with 4.4.19.* corrections 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-13 13:14:29 -07:00
Tom Eastep
9ba9d40b77 More LIBEXEC/PERLLIB fixes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-12 07:42:09 -07:00
Tom Eastep
0614f61347 Fix PERLLIB 2011-05-11 12:58:57 -07:00
Tom Eastep
63d5171ae9 Correct typo 2011-05-11 12:44:48 -07:00
Tom Eastep
539e42aa2e Correct earlier patch 2011-05-09 16:34:31 -07:00
Tom Eastep
bbab1c9682 Ensure USER/GROUP is only specified when SOURCE in $FW 2011-05-09 16:33:34 -07:00
Tom Eastep
359de906ca Refinement to fix for double exclusion 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-09 16:28:53 -07:00
Tom Eastep
1a48dd3eb9 Correct last merged patch 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-08 05:51:58 -07:00
Tom Eastep
93d8b538eb Ensure route to gateway in the main table 2011-05-08 05:43:53 -07:00
Tom Eastep
a1bd664447 Fix issues with 'gawk' 2011-05-08 05:39:07 -07:00
Tom Eastep
afed909e52 Simplify the fix for double exclusion in ipset lists 2011-05-07 06:38:08 -07:00
Tom Eastep
0c59e0231d Correct double-exclusion fix 2011-05-07 06:37:37 -07:00
Tom Eastep
58c25e8517 Let tcfilters deal correctly with hex device numbers 2011-05-05 10:12:20 -07:00
Tom Eastep
59ea511201 Complain if there is no default class defined 2011-05-05 10:12:14 -07:00
Tom Eastep
91d8f39f2e Enforce limits on device and class numbers 2011-05-05 10:11:47 -07:00
Tom Eastep
349960294c Detect double exclusion in ipset expressions 2011-05-05 10:11:30 -07:00
Tom Eastep
368fe46932 Correct Comment 2011-05-05 10:11:22 -07:00
Tom Eastep
d8c2845085 Back out part of TC change 2011-05-05 10:11:13 -07:00
Tom Eastep
9a95bad17e Don't require '0x' on devnum > 10 in tcclasses 2011-05-05 10:06:55 -07:00
Tom Eastep
4300ef3ee2 Fix another couple of bugs with device numbers > 9 2011-05-05 10:06:41 -07:00
Tom Eastep
70151d453a Update release notes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-02 10:16:23 -07:00
Tom Eastep
222c5dbf46 Normalize hex numbers before using them in string comparisons 2011-05-02 10:08:36 -07:00
Tom Eastep
e66d491f11 Correct patch for > 9 interfaces with tcfilters 2011-05-02 10:08:19 -07:00
Tom Eastep
bf10e104b7 Fix bug in tcfilters with device numbers > 9 2011-05-02 07:25:21 -07:00
Tom Eastep
d2407cb7a0 Don't allow IFB classes in tcrules 2011-05-02 07:23:28 -07:00
Tom Eastep
a0b00b4bd6 More fixes for TC 2011-05-01 21:24:52 -07:00
Tom Eastep
3bdde27bd1 Document TC Fixes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-05-01 06:42:37 -07:00
Tom Eastep
61c654634b Correct some TC issues 2011-05-01 06:40:14 -07:00
Tom Eastep
4a4d74b52b Document fix for IPSETs and ORIGINAL DEST 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-29 07:25:42 -07:00
Tom Eastep
27f1c494a0 Document restoration of IPSET use in ORIGINAL DEST 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-28 12:25:07 -07:00
Tom Eastep
e2b1069c1c Support ipsets in the ORIGINAL DEST column for DNAT and REDIRECT rules. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-28 12:22:26 -07:00
Tom Eastep
59024ff49d Delete some blank lines 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-24 08:29:28 -07:00
Tom Eastep
67e920eb53 Use del/add for provider ipv6 routes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-19 10:56:59 -07:00
Tom Eastep
1bcba8bbc7 Update version of changed Perl modules 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-19 10:02:29 -07:00
Tom Eastep
ec8bb8049a Delete/Add routes for NDP rather than replace 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-19 09:40:24 -07:00
Tom Eastep
cdf2014ce2 Apply Togan's patch with fixes 
/sbin/shorewall and /sbin/shorewall6 modified
	uninstallers modified
	Additional installer changes

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-17 11:20:26 -07:00
Tom Eastep
aca5b33858 Backout my start for a fix for Togan's patch 2011-04-17 09:06:13 -07:00
Tom Eastep
97b7856380 Reverse Togan's patch -- it is woefully incomplete 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-17 07:55:30 -07:00
Tom Eastep
46191c9f87 Re-bump versions 2011-04-16 09:15:29 -07:00
Tom Eastep
1430856164 Re-apply Togun's Patch 2011-04-16 08:51:19 -07:00
Tom Eastep
1a0388080f Initiate 4.4.20 
Update versions
    Update release documents
    Apply Togan Muftuoglu's change to increase installation flexibility
 2011-04-16 08:31:46 -07:00
Tom Eastep
4f5970b5f2 Use 'ip route list' rather than 'ip route ls' for busybox compatability 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-15 11:15:32 -07:00
Tom Eastep
5126c439a4 Fix a progress message in the installer. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-15 11:06:45 -07:00
Tom Eastep
d42a65fd11 Correct one more default route save/restore defect 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-15 07:09:34 -07:00
Tom Eastep
0b18c37a91 Fix install.sh bug 2011-04-14 17:00:35 -07:00
Tom Eastep
f2acf4bfe5 Fix install.sh bug 2011-04-14 16:55:56 -07:00
Tom Eastep
4c1fbb67e4 Update release documents 2011-04-14 15:20:15 -07:00
Tom Eastep
dff405683c Correct default route save/restore 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-14 12:25:33 -07:00
Tom Eastep
96af7bfed6 Fix the prior commit 2011-04-13 17:56:15 -07:00
Tom Eastep
9a8f411531 Update version to 4.4.19.1 and document corrected problems 2011-04-13 17:22:07 -07:00
Tom Eastep
9008cd960c Fix a silly masq bug 2011-04-13 17:01:22 -07:00
Tom Eastep
16276b9900 Don't assume that all nexthop routes are default routes 2011-04-13 13:57:22 -07:00
Tom Eastep
a0b16e2803 Delete duplicate rule 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-04-13 06:56:17 -07:00