Tom Eastep
9b3b4579a2
Change TRACK_RULES setting from Internal to File
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-24 16:15:36 -08:00
Tom Eastep
3e404b765f
Make .ip[6]tables-restore-input comments conditional
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-23 17:04:52 -08:00
Matt Darfeuille
c85ced09af
Corrected sysconfig files
...
Removed unnecessary lines in sysconfig files
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-19 09:25:37 -08:00
matt darfeuille
f1ed963077
Shorewall 5.0.4 Beta 2
...
Hi Tom,
Some unnecessary lines need to be removed from the sysconfig files.
I made some more changes to the init.openwrt.sh scripts(lite and
lite6)
Attached as sysconfig-lite.patch!
In order to be able to use the build50 script I had to make a few
changes(attached as build50.patch):
- Adding a variable BASEDIR (to build shorewall in a subdirectory)
BASEDIR=$PWD
and doing:
$BASEDIR/annotate.pl
and so on ...
- Adding a variable
CYGWINSTYLESHEET
and modifying the script to use this new variable(added cygwin clause
in case statement)
- Adding a variable GITRELEASEDIR and modifying the lines around
624(to specify an other name for the release repo)
from
../release/
to
../$GITRELEASEDIR/
- Added line to remove unnecessary *.bak files
- Added an if statement if a subdirectory is used when patches are
created
question/request:
Would it be possible to use the build50 script without the '-t'
option?
That way only the packages would be built but the tarballs wouldn't
be created.
-Matt
On 12 Jan 2016 at 7:57, Tom Eastep wrote:
> Shorewall 5.0.4 Beta 2 is now available for download.
>
> New Feature since Beta 1:
>
> 1) The mangle file now supports an DIVERTHA action that provides
> support for HAProxy.
>
> To setup the HAProxy transparent configuration described at
>
> http://www.loadbalancer.org/blog/setting-up-haproxy-with-transparent-mode-on-centos-6-x ,
> place this entry in shorewall-providers(5):
>
>
> #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS
> TProxy 1 - - lo - tproxy
>
> and use this DIVERTHA entry:
>
> #ACTION SOURCE DEST PROTO ...
> DIVERTHA - - tcp
>
> Thank you for testing,
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
-------------- Enclosure number 1 ----------------
>From ca4c854433e1c4c5870ea3e71225e5df8da4e255 Mon Sep 17 00:00:00 2001
From: Matt Darfeuille <matdarf@gmail.com>
Date: Wed, 13 Jan 2016 21:28:47 +0100
Subject: [PATCH 1/2] Modified lite and lite6.init.openwrt.sh
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-14 16:36:21 -08:00
Tom Eastep
12513e24a3
Revert "Implement dynamic actions"
...
This reverts commit 8075ba719a
.
2016-01-13 11:04:41 -08:00
Tom Eastep
8075ba719a
Implement dynamic actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-13 09:33:38 -08:00
Tom Eastep
3828eb856b
Rename HADIVERT to DIVERTHA
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-08 15:36:10 -08:00
Tom Eastep
e29e2d117d
Documentation updates
...
- update LSM section of the Multi-ISP article
- Correct formatting of HAPROXY examples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-08 08:33:42 -08:00
Tom Eastep
ad2f20b824
Finish HAProxy support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-06 09:12:33 -08:00
Tom Eastep
ee6a1dadbb
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2016-01-05 10:48:48 -08:00
Tuomo Soini
da93669245
Revert "shorewall6*.service: make sure shorewall and shorewall6 won't start at same time"
...
This reverts commit ff821e57c2
.
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-01-05 20:18:25 +02:00
Tuomo Soini
ff821e57c2
shorewall6*.service: make sure shorewall and shorewall6 won't start at same time
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-01-05 12:04:46 +02:00
Tuomo Soini
c447ddd03e
systemd service: rename pre214 systemd versions to pre214 and remove separeate 214 variants
2016-01-05 12:01:21 +02:00
Tom Eastep
0c66e5f1b2
More Openwrt support in Shorewall-init from Matt Darfeuille
...
- Also, various cleanup in install/uninstall scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-04 15:45:21 -08:00
Tom Eastep
89d91d37a1
Add Shorewall-init installer support for OpenWRT
...
- Supply sysconfig files for all products
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-27 16:47:31 -08:00
Tom Eastep
c9f57ad9c9
Update manpages for ADD timeout
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-24 09:20:42 -08:00
Tom Eastep
4b893b2fd6
Install/uninstall fixes from Matt Darfeuille
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
Conflicts:
Shorewall-init/install.sh
2015-12-05 11:56:16 -08:00
Tom Eastep
8e7f001f7e
Update manpages for column renaming
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-04 14:53:26 -08:00
Tom Eastep
46434e45b6
Change to IP_FORWARDING=keep in shorewall6.conf files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-02 11:28:04 -08:00
Tom Eastep
2c1786422e
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-11-28 09:04:46 -08:00
Tom Eastep
b087cee7f0
Redefine MODULESDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-28 08:36:12 -08:00
Tuomo Soini
948175124b
accounting: there must be more room for ACTION, SOURCE, and DEST
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-27 22:33:03 +02:00
Tuomo Soini
b25a8e4b2d
shorewall: use real field names in config file headers
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-16 18:16:17 +02:00
Tom Eastep
7b54e5e1a6
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-11-10 07:50:33 -08:00
Tuomo Soini
d0d34568d1
Shorewall6: reduce number of lines on config headers
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 23:09:37 +02:00
Tom Eastep
7fb00e0dfe
Remove the routestopped files and their manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-09 07:28:46 -08:00
Tuomo Soini
f095e6f31d
configfiles: unified configuration file formatting
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 10:24:20 +02:00
Tuomo Soini
8aefb3a998
Shorewall6: upgrade conntrack to ?VERSION 3
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 09:44:31 +02:00
Tuomo Soini
e74ff0ecd9
more cleanup to config files.
2015-11-02 00:03:38 +02:00
Tom Eastep
1c29240eb9
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-11-01 11:31:53 -08:00
Tom Eastep
3973cdf0da
Merge branch '5.0.1'
2015-10-28 14:35:27 -07:00
Tuomo Soini
31cdd6dbcb
Shorewall6/configfiles/stoppedrules: use standard description
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-28 10:48:48 +02:00
Tuomo Soini
8133de1695
Shorewall6/configfiles/conntrack: fix config file header to common format
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-27 22:08:38 +02:00
Tuomo Soini
74180f83b9
Shorewall6/configfiles: remove empty lines and fix blrules header to common format
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-27 22:04:49 +02:00
Tom Eastep
35b90c2709
Update documentation for 'remote-' vs. 'remote_'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-27 08:16:06 -07:00
Tom Eastep
69dd7ce0b9
Add 'persistent' provider option - Phase II
...
- Also allow the creation of 'persistent' routing rules and routes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-25 16:45:11 -07:00
Tuomo Soini
8771041a63
shorewall6: remove version from restored
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-13 12:51:00 +03:00
Tuomo Soini
dc7082b7a1
shorewall[6]: remove version from shorewall6 and macros
2015-10-13 12:17:18 +03:00
Tom Eastep
a8e4671668
Remove version from config files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 15:02:50 -07:00
Tom Eastep
0dbe756e93
Manpage and Shorewall-5 changes for RESTART
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 13:49:24 -07:00
Tom Eastep
72d4637c22
Replace LEGACY_RESTART with RESTART
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 11:45:58 -07:00
Tom Eastep
bb538a7c10
Merge branch 'master' into 5.0.0
...
Conflicts:
Shorewall-core/lib.common
Shorewall-core/shorewallrc.debian.systemd
Shorewall-lite/shorewall-lite.service.debian
Shorewall/Perl/Shorewall/Chains.pm
Shorewall/Perl/Shorewall/Compiler.pm
Shorewall/Perl/Shorewall/Config.pm
Shorewall/Perl/Shorewall/Misc.pm
Shorewall/Perl/Shorewall/Raw.pm
Shorewall/Perl/Shorewall/Tc.pm
Shorewall/Perl/compiler.pl
Shorewall/Perl/prog.footer
Shorewall/lib.cli-std
Shorewall/manpages/shorewall-mangle.xml
Shorewall/manpages/shorewall.conf.xml
Shorewall/manpages/shorewall.xml
Shorewall/shorewall.service.debian
Shorewall6-lite/shorewall6-lite.service.debian
Shorewall6/manpages/shorewall6-mangle.xml
Shorewall6/manpages/shorewall6.conf.xml
Shorewall6/manpages/shorewall6.xml
Shorewall6/shorewall6.service.debian
docs/MultiISP.xml
docs/Shorewall_Squid_Usage.xml
2015-10-12 10:55:36 -07:00
Tom Eastep
1db3bfb53e
Manpage updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-10 13:19:41 -07:00
Tom Eastep
7dd9beeeae
Remove FORMAT specifications from macros and actions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-22 12:39:22 -07:00
Tom Eastep
1b2a43e5ea
Merge branch '5.0.0' of ssh://git.code.sf.net/p/shorewall/code into 5.0.0
2015-09-12 12:31:45 -07:00
Tom Eastep
1b571f3d86
Correct the reset command
...
- Also allow chain names to be specified a la the refresh command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-11 14:16:16 -07:00
Tuomo Soini
53dfe442c1
systemd: add reload to unit files
...
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-09-10 14:15:16 +03:00
Tom Eastep
7be4190e4c
Man page updates for the PROBABILITY column in the masq files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-08 18:00:53 -07:00
Tom Eastep
0db233bf7c
Correct shorewall6 mangle man page
...
- Replace 'TTL' by 'HL'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-08 12:26:29 -07:00
Tom Eastep
426636458c
Correct shorewall6 mangle man page
...
- Replace 'TTL' by 'HL'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-08 12:25:59 -07:00
Tom Eastep
17d1caf8c5
Allow tags in global LOG_LEVELs
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-06 16:08:59 -07:00
Tom Eastep
07976556ed
More inline match documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-03 09:45:39 -07:00
Tom Eastep
682a449e7b
Correct more Mangle examples
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 13:08:05 -07:00
Tom Eastep
ba3dba78ff
Correct more Mangle examples
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 13:07:20 -07:00
Tom Eastep
ed90360b4c
Remove all of the update-specific options from the update command
...
Leave -i and -A
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 14:21:41 -07:00
Tom Eastep
60e08322c5
Update man pages for 'minute' and 'second' in LOGLIMIT specifications
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 11:14:37 -07:00
Tom Eastep
10cda4cee7
Update man pages for 'minute' and 'second' in LOGLIMIT specifications
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-27 15:49:59 -07:00
Tom Eastep
dc2406d25b
update -t also converts the 'tos' file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 13:51:02 -07:00
Tom Eastep
b2b3300ebf
Correct the shorewall6-hosts man page
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 12:30:08 -07:00
Tom Eastep
1d8873d3d5
Correct the shorewall6-hosts man page
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 12:28:57 -07:00
Tom Eastep
f9ae28aeea
The -t option also converts the 'tos' file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-24 14:56:24 -07:00
Tom Eastep
eae492cef5
Some rules manpage updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-22 09:24:47 -07:00
Tom Eastep
2451c14d8c
Some rules manpage updates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-22 08:27:52 -07:00
Tom Eastep
a30fdb356d
Update man pages for required '?' in COMMENT, SECTION and FORMAT lines
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-22 08:00:38 -07:00
Tom Eastep
f4776bf388
Eliminate WIDE_TC_MARKS, HIGH_ROUTE_MARKS and BLACKLISTNEWONLY
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-21 12:42:19 -07:00
Tom Eastep
26fca41e27
Eliminate discontinued files and manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 15:17:48 -07:00
Tom Eastep
c59cb1351c
Update manpages for new update options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 11:08:10 -07:00
Tom Eastep
8bdea65325
Update manpages for new update options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-13 16:12:28 -07:00
Tom Eastep
3b59e46799
Restore Debian-specific service files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-12 10:19:07 -07:00
Tom Eastep
2162d79b5f
Manual Page Uptates
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 15:09:16 -07:00
Tom Eastep
8bed5c9d65
Drop support for the IPSECFILE option
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 10:11:52 -07:00
Tom Eastep
037e92a60e
Eliminate some config options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-01 14:28:12 -07:00
Tom Eastep
2165f746e6
Update .conf documents for 'reload'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-01 12:58:08 -07:00
Tom Eastep
ef9e75753a
Restore .214 files
...
- Also merge Debian changes from 4.6.12
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-01 11:23:35 -07:00
Tom Eastep
85648bded1
Deimplement several .conf options
...
- LOGRATE/LOGBURST
- EXPORTPARAMS
- LEGACY_FASTSTART
2015-08-01 11:11:35 -07:00
Tom Eastep
67589cab69
More version changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-28 10:59:11 -07:00
Tom Eastep
f40373d60c
Update config file version and copyrights
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-28 10:50:19 -07:00
Tom Eastep
fa7248c58c
Add the LEGACY_RESTART option.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-27 09:19:52 -07:00
Tom Eastep
0a7c65ae0d
Allow connlimit by destination
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 14:26:58 -07:00
Tom Eastep
34f58bd6ac
Correct formatting in the rules file man pages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 11:36:14 -07:00
Tom Eastep
cecc81ce82
Update .service files
...
- make the .214 versions the default and remove the ones name *.214
- Add 'ExecReload' to all but Shorewall-init
- Create Debian-specific versions with /etc/default rather than /etc/sysconfig
2015-07-26 10:58:03 -07:00
Tom Eastep
f9ec0c6930
New 'reload' and 'restart' semantics
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 09:59:49 -07:00
Tom Eastep
df817b6d2c
Correct formatting in the interfaces man pages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-13 13:06:53 -07:00
Tom Eastep
3d325431ff
Change Default IPv6 .conf to specify INLINE_MATCHES=No
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-06 14:49:20 -07:00
Tom Eastep
0414166d6d
'show connections' enhancement
...
- Allow tayloring of the entries displayed by specifying conntrack
-L options.
2015-06-29 14:55:47 -07:00
Tom Eastep
7153146759
Don't ask for script version when WORKAROUNDS=No
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-28 09:18:47 -07:00
Tom Eastep
7c9155a6e8
Update man pages and .conf files for WORKAROUNDS
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-06 07:56:14 -07:00
Tom Eastep
f227250959
Fix NFQUEUE parsing and documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-29 18:19:35 -07:00
Tom Eastep
f629d574e6
Add ipv6 'findgw' file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-28 07:20:26 -07:00
Tom Eastep
425094de18
Mention load= warning (sum not 1.000000)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-25 10:31:08 -07:00
Tom Eastep
bbdbdf7c47
Clean up 'call' description in the manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-25 07:06:17 -07:00
Tom Eastep
df4d6f1f92
Document load= in the providers manpages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-22 16:31:21 -07:00
Tom Eastep
ba7afcaeae
Make 'call' a supported command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-21 10:38:35 -07:00
Tom Eastep
267637f139
NFQUEUE enhancements
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-20 10:55:21 -07:00
Tom Eastep
acd921cd08
Don't require a helper for ctevents and expevents
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-16 13:40:40 -07:00
Tom Eastep
9329e7c36c
Don't require a helper in the CT action.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-16 09:08:32 -07:00
Tom Eastep
2cea78e6df
Add the 'reenable' command
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-28 13:02:12 -07:00
Tom Eastep
6cb3004a39
Clarify helper module loading
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-17 09:51:25 -07:00
Tom Eastep
f5aa0373cb
Correct interfaces example 4
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-12 08:38:55 -07:00
Tom Eastep
057ad45fd9
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2015-04-12 07:52:34 -07:00