Commit Graph

245 Commits

Author SHA1 Message Date
teastep
b0e9a0ce22 Take advantage of --ctorigdstport
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8795 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-10-22 02:14:45 +00:00
teastep
1814ef0201 Add time match support in /etc/shorewall/rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8783 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-10-14 19:37:35 +00:00
teastep
28cc9eec76 Add CONNLIMIT support
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8757 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-10-07 23:23:07 +00:00
teastep
46ec09dddf Update Copyrights
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8659 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-07-27 21:00:08 +00:00
teastep
9f2086530d More DYNAMIC_ZONES erradication
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8572 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-06-16 21:44:45 +00:00
teastep
af3aa96964 DYNAMIC_ZONES=Yes is no longer supported by Shorewall-perl
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8563 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-06-13 02:56:51 +00:00
teastep
f1567e6e3d Beta 1 prep
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8492 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-05-04 00:18:47 +00:00
teastep
0f6d348187 More cleanup of maclist processing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8488 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-04-29 16:58:36 +00:00
teastep
399f08dc22 Better diagnostic on unknown interface in the Maclist file
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8487 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-04-29 15:44:14 +00:00
teastep
b268776cd6 Fix routestopped with ADMINISABSENTMINDED=No
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8440 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-04-19 17:23:59 +00:00
teastep
4b5273c6bb Some minor changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8424 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-04-15 00:34:44 +00:00
teastep
b46bcd39a1 Formalize zone dynamic chain naming
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8417 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-04-10 23:54:52 +00:00
teastep
8463d54580 Fix one bug plus clean up more chain-to-chain jump generation
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8415 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-04-10 23:09:22 +00:00
teastep
0927fcb95c Add some insurance
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8414 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-04-10 20:37:17 +00:00
teastep
ebd9ce70d0 Fix another ':' parsing bug
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8399 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-04-08 16:08:13 +00:00
teastep
2cfe94c879 Don't respond to IGMP with an ICMP
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8396 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-04-06 22:46:53 +00:00
teastep
8f47e47efa Clean up RFC 1918 change
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8373 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-28 01:47:40 +00:00
teastep
a141478319 Resolve RFC 1918 Mess
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-28 00:05:25 +00:00
teastep
df41b69a04 Deprecate 'norfc1918' in favor of built-in actions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8367 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-27 19:45:23 +00:00
teastep
3bc1c7f188 Fix bug with < 3 zones, one or more of them complex
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8303 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-17 22:49:43 +00:00
teastep
9f37f6a4ca Improve behavior of 'norfc1918' in the absense of CONNTRACK_MATCH
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8287 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-13 02:11:18 +00:00
teastep
1e7c0d0947 Bring 4.0 changes to trunk
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8271 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-03-07 00:36:16 +00:00
teastep
aec4134aa1 Fix bug reported by Steven Springl
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8231 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-24 17:05:27 +00:00
teastep
d39cb6c1c1 Make macros auto-commenting
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8213 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-22 23:15:39 +00:00
teastep
d1c9d21074 Fix 'Yes' in 'ALL INTERFACES' nat column
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8204 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-18 18:26:35 +00:00
teastep
433e4a6f51 Generate error on a MAC address in the OUTPUT or POSTROUTING chains
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8203 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-18 17:38:25 +00:00
teastep
3574d2b099 Use function rather than generating name manually
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8167 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-08 19:34:28 +00:00
teastep
94c4b5bd81 Finish optimization changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8166 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-07 23:47:02 +00:00
teastep
f229aaf5dc Trivial optimization
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8164 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-07 20:47:14 +00:00
teastep
bed37c1965 Update versions
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-05 23:35:53 +00:00
teastep
5e8f0c120a Update trunk
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8142 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-03 18:52:06 +00:00
teastep
8225910d63 Remove superfluous call from generate_matrix()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8141 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-03 18:47:33 +00:00
teastep
8a6e2f1712 A little optimization in macro handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8136 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-03 00:07:58 +00:00
teastep
2d6e206a5f Long overdue cleanup of validate_interface_file()
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8134 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-02-02 01:27:39 +00:00
teastep
2cd7e2b2fb More sorting by interface number
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8126 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-31 02:33:16 +00:00
teastep
06d3269f7e Order interfaces within zone when generating top-level rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8125 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-30 21:57:39 +00:00
teastep
8ef198b3a6 More optimization
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8124 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-30 18:47:27 +00:00
teastep
b81ae53477 Correct handling of IPSEC; re-order rules slightly
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8123 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-30 16:39:40 +00:00
teastep
2a2a7530c2 Add optimizations in basic chain handling
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8122 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-30 00:03:25 +00:00
teastep
e75be13ff4 Fix exclusion in zone definition
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8121 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-28 21:38:18 +00:00
teastep
4be347d1cc Move 'dynamic' jumps to the INPUT and FORWARD chains
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8117 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-28 19:41:23 +00:00
teastep
3cad33ea20 More defense against silly lists
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8116 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-26 22:15:07 +00:00
teastep
7b4abdba94 Validate comma-separated lists
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8109 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-26 01:07:57 +00:00
teastep
65df4d9f73 Ruleset optimization -- phase I
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8100 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-24 16:22:03 +00:00
teastep
746a00994d Create 'sourceonly' hosts option
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8093 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-22 23:48:03 +00:00
teastep
3f4d773489 Allow DNS names in DEST column of a DNAT rule
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8076 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-17 19:02:40 +00:00
teastep
99a5eba368 Remove delayed insertion of RETURN rules in dnat chain
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8074 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-16 23:24:41 +00:00
teastep
2f96bc5181 More work on DNAT/REDIRECT mess
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8065 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-14 16:34:26 +00:00
teastep
318b4f002d Consult policies when constructing dnat chains; warning when zone specified on NAT-only rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8061 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-13 18:47:06 +00:00
teastep
55a25721e6 More tweaks to DNAT/REDIRECT thingy
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8052 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-01-13 00:41:10 +00:00