Commit Graph

10743 Commits

Author SHA1 Message Date
Tom Eastep
9f37f09b28 Clean up variable expansion:
1) Centralize code in function expand_variables()
2) Eliminate %rawconfig
3) Correct logic in update_config_file() - the defect was not observable
   but the code was clearly silly
2011-06-25 21:08:32 -07:00
Tom Eastep
47c759d93c Convert %actparms to an array
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 11:39:13 -07:00
Tom Eastep
024c1fbd08 Validate first argument to the default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 10:51:17 -07:00
Tom Eastep
713af61380 Detect too many parameters to Drop and Reject 2011-06-25 10:38:01 -07:00
Tom Eastep
67b8a10879 Correct parameterized default action in the FAQ 2011-06-25 10:26:45 -07:00
Tom Eastep
5740b69dc6 Fix another empty parameter list issue 2011-06-25 09:46:58 -07:00
Tom Eastep
6cc2503f60 More FAQ updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 08:23:32 -07:00
Tom Eastep
961b9b5e6d More FAQ cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-25 07:44:13 -07:00
Tom Eastep
fe2ef23f04 Correct install.sh
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 21:16:55 -07:00
Tom Eastep
f4acb5fa2f Install annotated and un-annotated config files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 15:13:40 -07:00
Tom Eastep
19c1f388a7 Modify Debian test in update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 15:01:25 -07:00
Tom Eastep
8b61e4500a Documentation Updates (mostly FAQ)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 13:40:50 -07:00
Tom Eastep
fb2085b0c3 Support 'update' on Debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 13:40:32 -07:00
Tom Eastep
6da5380230 Update troubleshooting doc for -T option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 11:48:14 -07:00
Tom Eastep
ca9276fd7e Add quotes on deprecated and obsolete options if appropriate
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 11:47:34 -07:00
Tom Eastep
129d1739d1 Cosmetic changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 07:58:46 -07:00
Tom Eastep
7583a5c7a3 Use updated values in configuration verification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 07:22:41 -07:00
Tom Eastep
7ec5f60571 Document FOREWARD->FORWARD typo correction
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 07:21:12 -07:00
Tom Eastep
11b847f3a4 Correct spelling in an error message (FOREWARD -> FORWARD)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 06:22:16 -07:00
Tom Eastep
4c9417d5f6 Add ipset support in Shorewall6 to the highlights section.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-24 06:21:42 -07:00
Tom Eastep
6f68ed5508 Initiate 4.4.21 RC 1 2011-06-23 16:23:52 -07:00
Tom Eastep
cc1b808866 Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 2011-06-23 06:38:59 -07:00
Tom Eastep
ba9a0016a8 Move update_config_file() to before process_shorewall_conf()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-23 06:37:21 -07:00
Tom Eastep
de7d95e7ff Rename 'ipset v4' -> 'ipset v5'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-23 06:36:35 -07:00
Tom Eastep
9fa5e62d4f Rename 'ipset v4' -> 'ipset v5'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 17:09:23 -07:00
Tom Eastep
04d551d8ca Detect ipset V4 and use its syntax
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 16:43:42 -07:00
Tom Eastep
000268f50c Smarten up action.Drop and action.Reject WRT omitted parameters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 15:45:14 -07:00
Tom Eastep
a5167dcd28 Update header documentation in action.Drop and action.Reject
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 14:27:32 -07:00
Tom Eastep
7ef7490cd6 Change the compiler's default for LEGACY_FASTSTART
- No visible effect since the compiler doesn't use this option
2011-06-22 13:56:17 -07:00
Tom Eastep
1b3d7947b8 Update the .conf file before validating ('update' command)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 12:31:58 -07:00
Tom Eastep
ba7d5fd720 Avoid two-stage processing of shorewall.conf when not updating.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 10:56:25 -07:00
Tom Eastep
106ba52362 Change signature of get_action_params
- Accepts a number of parameters rather than a list
- Change action.Drop and action.Reject accordingly
- Define correct number of parameter variables in action.Drop and action.Reject

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 08:27:01 -07:00
Tom Eastep
0d2e2a14d3 Document additional parameters to standard default actions and DEFAULT in macro files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 08:05:13 -07:00
Tom Eastep
62a75cb98d Fix parameterization of standard default actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 07:51:42 -07:00
Tom Eastep
b43bee2c62 Streamline PERL in action.Drop and action.Reject
- Rename read_action_param => get_action_params
- Allow it to accept a list of indexes and to return a list

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 06:53:15 -07:00
Tom Eastep
bbf853bd1d Cleaner handling of DEFAULTS in a non-action context
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-22 06:11:20 -07:00
Tom Eastep
ece598288f Disallow DEFAULTS in the rules file 2011-06-21 21:00:08 -07:00
Tom Eastep
d51ca478bd Reverse one hunk from empty-parameter fix
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-21 11:45:32 -07:00
Tom Eastep
fe9e2ba28d Correct error message 2011-06-20 19:47:33 -07:00
Tom Eastep
063e21e69f Allow an empty parameter list in an action (e.g., "Action()")
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 19:45:01 -07:00
Tom Eastep
44599530ea Remove warnings about duplicate zone/interface dynamic hosts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 18:27:18 -07:00
Tom Eastep
71d88b93a0 Make IPv6 Dynamic Zone set names unique
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 17:22:34 -07:00
Tom Eastep
7b2cbf2449 Make 'show dynamic <zone>' work correctly with new ipset program
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 17:22:04 -07:00
Tom Eastep
39e74911d8 Improve generated code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 14:34:26 -07:00
Tom Eastep
ec28bdb5a0 Document Shorewall6 support for dynamic zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 14:33:49 -07:00
Tom Eastep
44cbfd8f27 Correct defects found while unit testing IPv6 Dynamic Zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 13:33:25 -07:00
Tom Eastep
c112f2381e Document IPv6 Dynamic Zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 10:59:14 -07:00
Tom Eastep
119d38c92b Enable dynamic zones for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 10:41:29 -07:00
Tom Eastep
47264b249e Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 07:45:21 -07:00
Tom Eastep
785de281b5 More IPv6 ipset fixes
- use 'family inet6' rather than 'family ipv6'
- Correct one more case of 'iphash' vs 'hash:ip family inet6'
- Encapsulate ipset -N into an 'ensure_ipset()' function

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-06-20 07:43:32 -07:00