Commit Graph

5481 Commits

Author SHA1 Message Date
Tom Eastep
38657d9f98 Support for arptables.
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-04 09:17:57 -08:00
Tom Eastep
90e0c8b717 Don't update mtime on shorewall.conf during update that doesn't change the file
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-02 15:03:07 -08:00
Tom Eastep
f955abe18b Unify IPv4 and IPv6 modules.xtables files
- only difference now is xt_ipp2p

Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-01 08:44:36 -08:00
Tom Eastep
25b2341ecf Add sch_fq_codel to modules.tc
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-01 08:29:41 -08:00
Tom Eastep
aca3ce3c21 Delete blank line
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-01 08:29:02 -08:00
Tom Eastep
34f8125416 Correct a couple of issues with update -D
- shorewall.conf.bak is no longer unlinked
- The mtime of all unaltered files is no longer updated
2012-12-31 12:43:02 -08:00
Tom Eastep
87715e5f0b Correct Typo
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2012-12-31 10:36:27 -08:00
Tom Eastep
4590e25052 Correct modules.xtables
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2012-12-31 08:54:32 -08:00
Tom Eastep
5848d7cab7 Correct helper validation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-30 13:20:56 -08:00
Tom Eastep
5dfc27355e Correct a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-29 11:34:12 -08:00
Tom Eastep
115081dda5 Tweak fq_codel documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-29 11:20:16 -08:00
Tom Eastep
6d9cca1cff fq_codel
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-29 10:58:11 -08:00
Tom Eastep
51deec115b Correct handling of wildcard interfaces
- chain_base[1] renamed var_base[1]
- $chain replaced by $var in renamed functions
- replace trailing '+' by '_plus' to provide uniqueness
- add sub chain_base() to the Chains module as an identity mapper

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-28 10:39:19 -08:00
Tom Eastep
643f419264 Merge branch '4.5.11'
Conflicts:
	Shorewall/Perl/Shorewall/Rules.pm

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-28 09:02:33 -08:00
Tom Eastep
2009a66bb5 Avoid invalid function name for starting an optional interface
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-28 08:04:06 -08:00
Tom Eastep
ebe4267c49 Rename IGNOREOLDCAPVERSIONS to WARNOLDCAPVERSION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-27 09:58:45 -08:00
Tom Eastep
8b92a59821 Ignore '-m comment' when detecting duplicate rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-27 09:51:33 -08:00
Tom Eastep
f96bc7cc2d Cosmetic cleanup of the .conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-27 09:01:37 -08:00
Tom Eastep
8bb6f81dc5 Rename IGNOREOLDCAPS to IGNOREOLDCAPVERSIONS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-27 08:54:22 -08:00
Tom Eastep
01a8ff20d4 Add the xtables modules to modules.xtables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 16:06:54 -08:00
Tom Eastep
ef0102e9f1 Add the 'IGNOREOLDCAPS' option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 15:48:08 -08:00
Tom Eastep
14bbda14a2 Add some comments describing Config.pm globals
- Also changed $shell from 'my' to 'our'.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 10:55:13 -08:00
Tom Eastep
62406e261d Correct typo in shorewall-masq(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 07:43:06 -08:00
Tom Eastep
bfeea76cf2 Disallow ?FORMAT when $max_format == 1
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/Perl/Shorewall/Config.pm
2012-12-26 07:37:23 -08:00
Tom Eastep
100e03cf93 Don't set $nocomment in in-line action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-26 07:06:29 -08:00
Tom Eastep
84cc78c58e Eliminate @comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-25 17:00:24 -08:00
Tom Eastep
3f28af80d2 Disallow ?FORMAT when $max_format == 1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-25 08:10:48 -08:00
Tom Eastep
6126ae67e6 Don't apply AUTOCOMMENT or comment continuation to inline actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 13:50:26 -08:00
Tom Eastep
575020c851 More comment handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 13:35:42 -08:00
Tom Eastep
1c212e878f Restore SECTION handling in Accounting File
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 13:33:44 -08:00
Tom Eastep
4393a6c603 Eliminate redundant calls to clear_comment.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 12:35:08 -08:00
Tom Eastep
fca5b75c5b Merge branch '4.5.11' 2012-12-24 10:30:43 -08:00
Tom Eastep
c942a95d3c Allow ?COMMENT in accounting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 10:15:23 -08:00
Tom Eastep
89ea37e088 Correct nested comments.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 10:11:53 -08:00
Tom Eastep
14f8947012 Remove old COMMENT/FORMAT handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-24 09:31:20 -08:00
Tom Eastep
15817078b8 Use 'our' for globals to aid debugging.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 13:16:54 -08:00
Tom Eastep
0acd93a032 Ensure that action and macro files always allow comment directives.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 12:19:30 -08:00
Tom Eastep
4d2379f542 Implement update -D
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 10:50:31 -08:00
Tom Eastep
c9eccaf3b8 Implement ?COMMENT directive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-23 10:49:32 -08:00
Tom Eastep
44a4f6d77d Move COMMENT handling to the Config module.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 13:51:24 -08:00
Tom Eastep
e4e61c4193 A more uniform way of handling $max_format
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 11:57:25 -08:00
Tom Eastep
0cd0675c98 Always push $file_format and $max_format onto the include stack.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 08:15:46 -08:00
Tom Eastep
bc230c00a3 Optimizations in process_compiler_directive()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-22 08:14:46 -08:00
Tom Eastep
96b61ea05c Update documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 16:13:23 -08:00
Tom Eastep
dbd55acba2 Update samples, standard Actions and Macros to use ?FORMAT 2012-12-21 15:51:14 -08:00
Tom Eastep
10108b2d6a Convert file processors to use ?FORMAT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 15:49:28 -08:00
Tom Eastep
35aeaf340f Implement ?FORMAT directive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 15:31:42 -08:00
Tom Eastep
0eb041d2d1 Correct ?SET error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 15:23:26 -08:00
Tom Eastep
a5debe793f Add $file_format exported variable and handle in the include stack.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 15:14:23 -08:00
Tom Eastep
eb20283a55 Replace $1-$5 with @1-@5 in the standard actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 14:00:05 -08:00
Tom Eastep
df7785f2e9 Implement user-defined address variables.
- Also correct handling of ${0} & ${chain} in a SWITCH column.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-18 17:58:20 -08:00
Tom Eastep
2869a9a94d Rename add_quotes to join_parts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-15 16:12:03 -08:00
Tom Eastep
3fbe3aad09 Merge branch '4.5.10' 2012-12-14 06:34:45 -08:00
Tom Eastep
7c6fcfccd5 Fix typo on line 21 on the conntrack file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-14 06:33:54 -08:00
Tom Eastep
1cbeaa6a9f Apply Tuomo Soini's tabs patches for the rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-13 09:26:09 -08:00
Tom Eastep
b6e699ca5c Factor some common code into a function.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-13 06:46:57 -08:00
Tom Eastep
743478614b Make @0 work correctly again.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-12 13:13:17 -08:00
Tom Eastep
5944b4fc7b Make @chain (@{chain}) a synonym for @0 (@{0})
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-12 11:55:04 -08:00
Tom Eastep
8a0abab4cc Rename 'ALLOWUNKNOWNVARIABLES' to 'IGNOREUNKNOWNVARIABLES'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-12 11:51:31 -08:00
Tom Eastep
5da7db3d5f Implement @-variables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-12 11:46:38 -08:00
Tom Eastep
14cdaf21fc Handle nested params in push_action_params()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-09 10:45:29 -08:00
Tom Eastep
88d4814209 Merge branch '4.5.10'
Conflicts:
	Shorewall/Perl/Shorewall/Config.pm
2012-12-08 20:54:33 -08:00
Tom Eastep
4d064d6713 Replace spaces with tabs in rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-07 16:48:55 -08:00
Tom Eastep
6ab5cfd63a Use split_list2 in isolate_basic_target()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-06 19:12:44 -08:00
Tom Eastep
7190cd1265 Handle nested parens when pushing action parameters.
- Add an optional argument to split_list1 that causes parens to be retained.

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:

	Shorewall/Perl/Shorewall/Config.pm
2012-12-06 15:20:10 -08:00
Tom Eastep
61d67a4741 Remove extraneous comment from the rule generated by action.RST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-06 15:13:46 -08:00
Tom Eastep
5f48e4e531 Handle nested parens when pushing action parameters.
- Add an optional argument to split_list1 that causes parens to be retained.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-06 15:13:14 -08:00
Tom Eastep
0a31d9ba41 Remove extraneous comment from the rule generated by action.RST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-06 15:10:53 -08:00
Tom Eastep
fdadb57e82 Minor readability improvement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 19:41:18 -08:00
Tom Eastep
56d7b6248b Begin Action Documentaiton Update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 19:07:42 -08:00
Tom Eastep
8139f2ad91 Rename process_conditional() to process_compiler_directive()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 14:53:03 -08:00
Tom Eastep
189cd59650 Improve expression evaluation
- Only quote values when there is not an odd number of preceding quotes
- Make address family test return a numeric value
- Unconditionally trace the generated expression if debugging is set.
- Convert an empty expression into '' rather than generate an error.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 08:37:50 -08:00
Tom Eastep
4ec47783f1 Detect missing target in merge_levels()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 07:52:07 -08:00
Tom Eastep
2875fbb521 Cosmetic change (add a blank line).
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 07:51:41 -08:00
Tom Eastep
25c53f5a60 Detect missing target in merge_levels()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-05 07:51:21 -08:00
Tom Eastep
c61c9ba7eb Make expression evaluation more deterministic.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 18:10:19 -08:00
Tom Eastep
2fbbc70e83 Only do SET and RESET when we aren't omitting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 16:27:18 -08:00
Tom Eastep
c18996b6f5 Implement ?set and ?reset directives
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 14:28:03 -08:00
Tom Eastep
02cbd72a91 Merge branch '4.5.10' 2012-12-04 10:56:09 -08:00
Tom Eastep
60012d1208 Add additional space for the OPTIONS column
- actions and actions.std problem

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 10:54:32 -08:00
Tom Eastep
903e25a91a Add ALLOWUNKNOWNVARIABLES to the sample configurations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 09:04:34 -08:00
Tom Eastep
8f1e8bf475 Add 'ALLOWUNKNOWNVARIABLES' to the manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 08:50:23 -08:00
Tom Eastep
fb2d876683 Rename $loglevel and $logtag to $_loglevel and $_logtag respectively.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 08:49:59 -08:00
Tom Eastep
a25b3c68ee Rename %symbols to %variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 08:49:25 -08:00
Tom Eastep
314632f1f4 Unified symbol table for shell variables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 17:18:21 -08:00
Tom Eastep
409f5f2aab Expand variables from the shorewallrc1 then shorewallrc hashes 2012-12-03 15:33:33 -08:00
Tom Eastep
fb0035bdf3 Add ALLOWUNKNOWNVARIABLES option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 14:43:35 -08:00
Tom Eastep
72aabef0fa Add $logaction and $logtag as variables usable within actions
- Also make action variables usable in ?if and ?elsif expressions.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 12:31:47 -08:00
Tom Eastep
fc3606a489 Prepare for multiple options in actions files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 08:17:55 -08:00
Tom Eastep
ad4709cb6d Small effeciency improvement
- Don't check for 'bad match' until it is known that the matches are the same.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-03 06:54:44 -08:00
Tom Eastep
c0abdc1fe8 Add some comments in and around delete_duplicates()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 17:31:13 -08:00
Tom Eastep
cd5e9be467 Carefully suppress duplicate rules in all tables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 12:20:24 -08:00
Tom Eastep
c05c928c6c Delete adjacent duplicate rules in tables other than 'raw'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 09:21:04 -08:00
Tom Eastep
a33cf5cc91 Fix AUTOCOMMENT=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 08:26:54 -08:00
Tom Eastep
9da507ae98 Remove error messages from 6 actions regarding in-line.
- The compiler now ignores 'inline' for these actions.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 07:13:09 -08:00
Tom Eastep
e0e7b2a9f2 Correct action.DropSmurfs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-02 07:11:58 -08:00
Tom Eastep
65676cb865 Support passing log levels inside parameters.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 15:06:51 -08:00
Tom Eastep
8ebbdee20f Only look for numerics if a shell variable begins with a number.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 12:52:26 -08:00
Tom Eastep
6c1a5b8051 Be more agressive about detecting action recursion.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 12:10:06 -08:00
Tom Eastep
cc657e571d Update action templates with new columns.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 10:25:10 -08:00