Tom Eastep
|
4dc6be6b3b
|
Deprecate A_AllowICMPs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-13 15:09:07 -07:00 |
|
Tom Eastep
|
6ebc8f4266
|
Merge branch '5.1.3'
|
2017-03-13 14:55:23 -07:00 |
|
Tom Eastep
|
c5c4211081
|
Unify actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-13 14:54:25 -07:00 |
|
Tom Eastep
|
4010f9bce4
|
Add multicast to the Deprecated A_Drop and A_Reject actions
- Move A_Drop to deprecated/ directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-13 14:18:23 -07:00 |
|
Tom Eastep
|
02bb717d7d
|
Quote SMURF_LOG_LEVEL setting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-13 11:21:13 -07:00 |
|
Tom Eastep
|
046998ed84
|
Tabification of new actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-13 11:19:35 -07:00 |
|
Tom Eastep
|
24a014655b
|
Quote all _DEFAULT settings in the sample .conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-13 11:00:29 -07:00 |
|
Tom Eastep
|
0b8945da8e
|
Correctly handle expansion of option names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-13 10:20:15 -07:00 |
|
Tom Eastep
|
da363880a9
|
Always quote the LEVEL and DEFAULT settings when updating
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-13 09:51:58 -07:00 |
|
Tom Eastep
|
b049d1805d
|
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
Conflicts:
Shorewall/Perl/Shorewall/Config.pm
|
2017-03-13 08:52:01 -07:00 |
|
Tom Eastep
|
037fe490f3
|
Process config options in file order during update.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-12 17:09:41 -07:00 |
|
Tom Eastep
|
a8d7675322
|
Process config options in file order during update.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-12 09:01:22 -07:00 |
|
Tom Eastep
|
b13014c9ab
|
Expand variables in .conf except when upgrading
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-11 11:21:07 -08:00 |
|
Tom Eastep
|
76aef6cb04
|
Correct generation of '! --syn'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-11 08:43:04 -08:00 |
|
Tom Eastep
|
4c72b3ee58
|
Make sure that $LOG_LEVEL is defined
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-10 11:06:23 -08:00 |
|
Tom Eastep
|
d9071c5308
|
Correct $LOG_LEVEL expansion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-10 10:24:24 -08:00 |
|
Tom Eastep
|
5729be6431
|
Add dropInvalid to BLACKLIST_DEFAULT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-10 09:06:41 -08:00 |
|
Tom Eastep
|
1a381f717c
|
Revert "Remove Multicast from the shorewall6.conf samples"
This reverts commit 655f260cb6 .
|
2017-03-10 08:54:05 -08:00 |
|
Tom Eastep
|
c534c458dd
|
Revert "Remove Multicast from IPv6 Policy Actions"
This reverts commit 85d571d013 .
|
2017-03-10 08:53:54 -08:00 |
|
Tom Eastep
|
61435936fe
|
Correct CONFIG_PATH in IPv6 Universal sample
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-09 14:06:47 -08:00 |
|
Tom Eastep
|
2d4c1411bd
|
Delete the -n option from remote-reload in shorewall(8)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-09 13:17:23 -08:00 |
|
Tom Eastep
|
655f260cb6
|
Remove Multicast from the shorewall6.conf samples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-09 13:16:52 -08:00 |
|
Tom Eastep
|
85d571d013
|
Remove Multicast from IPv6 Policy Actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-09 13:12:03 -08:00 |
|
Tom Eastep
|
fdb78898fc
|
Make TC_ENABLED=Shared the default in the samples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-09 13:06:55 -08:00 |
|
Tom Eastep
|
d4c016d9c5
|
'reload' documentation corrections
- Add command synopsis to the manpage
- Correct command synopsis in help output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-09 12:50:30 -08:00 |
|
Tom Eastep
|
3d8d5aa469
|
quote $LOG_LEVEL in shorewall[6].conf files
- Delete AllowICMPs from IPv4 policy action settings
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-08 14:16:24 -08:00 |
|
Tom Eastep
|
49811d24fa
|
Correct convertion of tcrules->mangle when a writable mangle exists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-07 15:21:45 -08:00 |
|
Tom Eastep
|
fe4aaee1b4
|
Fix typos in action.dropNotSyn
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-07 14:37:08 -08:00 |
|
Tom Eastep
|
0ec7bc846e
|
Correct logging in inline policy actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-07 13:58:14 -08:00 |
|
Tom Eastep
|
dbcd4d9d16
|
Correct typo in action.AllowICMPs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-07 13:57:05 -08:00 |
|
Tom Eastep
|
5a996cbda7
|
Change AllowICMPs to an inline action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/actions.std
|
2017-03-07 13:56:44 -08:00 |
|
Tom Eastep
|
6019adaae5
|
Change macro.ICMPs to an inline action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall/actions.std
|
2017-03-07 13:54:52 -08:00 |
|
Tom Eastep
|
4f869c3506
|
More manpage updates for tcp:!syn
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-07 11:13:58 -08:00 |
|
Tom Eastep
|
e3c2874b21
|
Modify dropNotSyn to use {proto=6:!syn}
- also make the same change in the rejNotSyn audited case
|
2017-03-07 11:00:39 -08:00 |
|
Tom Eastep
|
e8a0142480
|
Document tcp:!syn support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-07 10:48:24 -08:00 |
|
Tom Eastep
|
a4768776f7
|
Modify rejNotSyn to use new/corrected features
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-07 10:34:15 -08:00 |
|
Tom Eastep
|
8e000b158e
|
Correct the handling of tcp-reset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-07 10:33:51 -08:00 |
|
Tom Eastep
|
f1d1ab6411
|
Implement tcp:!syn in PROTO column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-07 10:33:20 -08:00 |
|
Tom Eastep
|
cd103bb715
|
Correct rejNotSyn
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-06 16:01:31 -08:00 |
|
Tom Eastep
|
5f1370f1b4
|
Clear the firewall on Debian systemd 'stop' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-06 11:22:55 -08:00 |
|
Tom Eastep
|
dc53fa2665
|
Correct file/line from ?error
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-06 11:02:06 -08:00 |
|
Tom Eastep
|
71d9a03697
|
Update shorewall[6]-rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-05 14:29:57 -08:00 |
|
Tom Eastep
|
137d4bcc90
|
Alter logging behavior of Limit
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-05 13:03:57 -08:00 |
|
Tom Eastep
|
356d3fa2dd
|
Correct new directives with respect to omitting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-05 12:09:54 -08:00 |
|
Tom Eastep
|
80d93235b5
|
Eliminate builtin actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-05 12:09:33 -08:00 |
|
Tom Eastep
|
c1e7fce1c5
|
Report the file/line where action invoked
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-05 09:29:00 -08:00 |
|
Tom Eastep
|
63ec936f21
|
Remove determinism sorts
|
2017-03-04 19:05:33 -08:00 |
|
Tom Eastep
|
dabe0bd205
|
Set PERL_HASH_SEED to make compilation deterministic.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-04 18:48:48 -08:00 |
|
Tom Eastep
|
63cf7dd699
|
Revert "Move $test to the config module."
This reverts commit 876d76b294 .
|
2017-03-04 18:45:40 -08:00 |
|
Matt Darfeuille
|
0b3a32b365
|
Change the preferred way to remove sysvinit script
- Correct typo in command
- Correct spacing
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-04 09:03:59 -08:00 |
|