Tom Eastep
|
c725372639
|
Correct logging of 'reloaded' message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-15 14:46:21 -07:00 |
|
Tom Eastep
|
524838ae47
|
Implement $SW_LOGGERTAG
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-15 14:29:51 -07:00 |
|
Tom Eastep
|
549af8b402
|
Update config files where address and gateway variables can be used
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-15 10:51:39 -07:00 |
|
Tom Eastep
|
6aa0ecae4f
|
Re-factor the code for saving/loading ipsets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-14 15:15:47 -07:00 |
|
Tom Eastep
|
434e042494
|
Add the deprecated/ directories to the CONFIG_PATH
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-14 14:17:06 -07:00 |
|
Tom Eastep
|
9fa0df2fd1
|
Move the code that generates zap_ipsets() to after save_ipsets() generation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-14 09:56:48 -07:00 |
|
Tom Eastep
|
074655d1bd
|
Fix AUTOMAKE and the start command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-14 09:43:21 -07:00 |
|
Tom Eastep
|
216bc715e8
|
Clean up V4/V5 ipset enforcement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-14 09:00:38 -07:00 |
|
Tom Eastep
|
541ecb67b4
|
Update dhcp article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-13 17:36:56 -07:00 |
|
Tom Eastep
|
dbd42e1d5d
|
More ipset fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-12 16:29:13 -07:00 |
|
Tom Eastep
|
04ec8273ef
|
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
|
2016-04-12 07:13:29 -07:00 |
|
Tuomo Soini
|
772f88b1fd
|
action.A_Reject: improve comment text
Signed-off-by: Tuomo Soini <tis@foobar.fi>
|
2016-04-12 13:17:56 +03:00 |
|
Tuomo Soini
|
3e0b8c60a2
|
Reverse the order of ICMP and Broadcast checking in the default actions
Signed-off-by: Tuomo Soini <tis@foobar.fi>
|
2016-04-12 10:12:29 +03:00 |
|
Tom Eastep
|
fc2b555cdb
|
Correct date formatting in startup_error()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-11 15:24:35 -07:00 |
|
Tom Eastep
|
16afd880b2
|
Reverse the order of ICMP and Broadcast checking in the default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-11 11:16:46 -07:00 |
|
Tom Eastep
|
76a5841fcd
|
Reverse the order of Broadcast and ICMP checking in the default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-11 10:47:11 -07:00 |
|
Tom Eastep
|
9758e8cdc5
|
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
|
2016-04-11 10:41:44 -07:00 |
|
Tom Eastep
|
2cf3706864
|
Correct handling of a zone with two interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-11 10:32:26 -07:00 |
|
Tom Eastep
|
3028dafbac
|
Correct DBL 'src-dst' handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-11 09:13:17 -07:00 |
|
Tom Eastep
|
16a31c3d29
|
Make MINIUPNPD work with DOCKER
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-11 09:02:44 -07:00 |
|
Tom Eastep
|
d3f377e915
|
Don't double-save the dynamic blacklisting ipset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-11 08:37:39 -07:00 |
|
Tuomo Soini
|
54a5748395
|
macros: RedisCluster and RedisSentinel
http://redis.io/topics/sentinel
Signed-off-by: Tuomo Soini <tis@foobar.fi>
|
2016-04-11 14:39:21 +03:00 |
|
Tom Eastep
|
6c00f72f44
|
Create ipsets with the 'counters' option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-10 18:09:41 -07:00 |
|
Tom Eastep
|
8dc88898c8
|
Tidy up the output of 'shorewall[6][-lite] show bl'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-10 17:22:22 -07:00 |
|
Tom Eastep
|
deaaecdf1c
|
Add 'nodbl' interface option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-10 16:09:39 -07:00 |
|
Tom Eastep
|
05e4049174
|
Ipset-based blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-10 16:07:56 -07:00 |
|
Tom Eastep
|
ef10515a42
|
Correct FASTACCEPT description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-10 07:20:45 -07:00 |
|
Tom Eastep
|
5db6cb1b7d
|
Correct load_ipsets()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-09 16:07:10 -07:00 |
|
Tom Eastep
|
76c8917aa7
|
Add a sixth parameter to Drop and Reject
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-08 09:10:45 -07:00 |
|
Tom Eastep
|
be58d530c4
|
Document 'logjump'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-08 09:09:59 -07:00 |
|
Tom Eastep
|
321476fd51
|
Tweak terminating() implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-08 08:24:57 -07:00 |
|
Tom Eastep
|
bd6b32eb25
|
Add a progress message for REJECT_ACTION processing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-07 10:30:54 -07:00 |
|
Tom Eastep
|
4fdf54eca1
|
Tweak process_reject_action()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-07 10:02:48 -07:00 |
|
Tom Eastep
|
70bbd21b35
|
Ensure that the REJECT_ACTION is terminating
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-07 09:34:38 -07:00 |
|
Tom Eastep
|
87a9b95f73
|
Catch case where a transformed rule jumps to its own chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-07 08:58:50 -07:00 |
|
Tom Eastep
|
ecd7261365
|
Use -g when target is a terminating chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-07 08:48:36 -07:00 |
|
Tom Eastep
|
293cd1d66a
|
Always go to the reject chain rather than jump to it
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-06 09:14:06 -07:00 |
|
Tom Eastep
|
436b5d89ce
|
Correct comment
- The chain will only exist if logging wasn't specified for the same
disposition.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-06 08:50:29 -07:00 |
|
Tom Eastep
|
26795cf082
|
Correct setup of $usedactions{A_REJECT}
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-06 08:18:36 -07:00 |
|
Tom Eastep
|
95e4071f34
|
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
|
2016-04-06 07:42:46 -07:00 |
|
Tuomo Soini
|
6366fb40cf
|
ProxyARP.xml: fix proxyndp sample column matching
Signed-off-by: Tuomo Soini <tis@foobar.fi>
|
2016-04-06 12:00:41 +03:00 |
|
Tuomo Soini
|
20179a5c9d
|
remove completely false README.txt
Signed-off-by: Tuomo Soini <tis@foobar.fi>
|
2016-04-06 10:23:58 +03:00 |
|
Tom Eastep
|
b7e6893f7d
|
Restore DropUPnP behavior in Reject
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-05 20:00:15 -07:00 |
|
Tom Eastep
|
3ac3ae279f
|
Add A_REJECT action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-05 16:38:39 -07:00 |
|
Tom Eastep
|
54843c617d
|
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
|
2016-04-05 11:46:42 -07:00 |
|
Tom Eastep
|
e9467326f3
|
Allow allow REJECT to take a parameter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-04-05 11:20:44 -07:00 |
|
Tuomo Soini
|
80bf77e8a8
|
modules.xtables: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
|
2016-04-05 20:31:36 +03:00 |
|
Tuomo Soini
|
1e5ebee799
|
modules.tc: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
|
2016-04-05 20:31:36 +03:00 |
|
Tuomo Soini
|
74fe7b302e
|
modules.ipset: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
|
2016-04-05 20:31:36 +03:00 |
|
Tuomo Soini
|
d70e18535b
|
modules.extensions: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
|
2016-04-05 20:31:36 +03:00 |
|