Commit Graph

14719 Commits

Author SHA1 Message Date
Tom Eastep
c7a3104bdb
Remove Multicast from IPv6 Policy Actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-09 14:37:20 -08:00
Tom Eastep
8683b80ad0
'reload' documentation corrections
- Add command synopsis to the manpage
- Correct command synopsis in help output

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-09 14:37:04 -08:00
Tom Eastep
0239796d6f
quote $LOG_LEVEL in shorewall[6].conf files
- Delete AllowICMPs from IPv4 policy action settings

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-09 14:36:27 -08:00
Tom Eastep
e4bf2b99bf
Add AllowICMPs to the REJECT_DEFAULT setting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-08 09:47:40 -08:00
Tom Eastep
a98c1d5b35
Correct convertion of tcrules->mangle when a writable mangle exists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 15:23:58 -08:00
Tom Eastep
928f54d37c
Correct logging in inline policy actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 13:37:59 -08:00
Tom Eastep
073235aa48
Correct typo in action.AllowICMPs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 13:03:49 -08:00
Tom Eastep
519fef5e87
Clear the firewall on Debian systemd 'stop' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 11:53:47 -08:00
Tom Eastep
944651e46d
Correct compiler directives WRT omitting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 11:51:40 -08:00
Tom Eastep
bdf0950317
Correct the handling of tcp-reset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 11:44:45 -08:00
Tom Eastep
2fb1f9db01
Change AllowICMPs to an inline action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 11:41:05 -08:00
Tom Eastep
c3661ad476
Change macro.ICMPs to an inline action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-07 11:30:38 -08:00
Tom Eastep
a4dcc3f555
Restore logging to the BLACKLIST action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-03 10:19:07 -08:00
Tom Eastep
e585ce04f4
Rename action.allowUPnP to action.allowinUPnP
- Allows 'show action allowinUPnP' to work correctly.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-03-02 10:06:01 -08:00
Tom Eastep
e8a5c45aae
Correct FAQ 1e
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-25 09:10:40 -08:00
Tom Eastep
6966270822
Allow 'show action' on buitin actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-19 13:43:23 -08:00
Tom Eastep
118e4f73c9
Correct validation of LOG_LEVEL
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-19 10:25:44 -08:00
Tom Eastep
10b39f3855
Correct typo (allowMast -> allowMcast)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-19 10:25:27 -08:00
Tom Eastep
c4f21ffefb
Additional documentation changes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-15 13:11:52 -08:00
Tom Eastep
a71b61c238
Delete the deprecated macros and actions during install
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-15 10:16:53 -08:00
Tom Eastep
944888c04f
Handle broadcast and muticast separately
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-15 10:16:20 -08:00
Tom Eastep
48d301b2cf
Rename the policy LIMIT column to RATE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 10:17:43 -08:00
Tom Eastep
735919d8d3
Add LOG_LEVEL option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 09:52:55 -08:00
Tom Eastep
b4561e97c8
Deprecate Drop and Reject in actions.std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 09:28:38 -08:00
Tom Eastep
66a63a4da5
Fix instances of $LOGrmation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-12 08:33:56 -08:00
Tom Eastep
8c9fb501fd
Adjust .conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-11 13:41:28 -08:00
Tom Eastep
977fa81d46
Make 'none' case-insensitive in policy action specifications
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-10 11:43:51 -08:00
Tom Eastep
09fda9eb6c
Manpage updates:
- interfaces: Clarify the 'bridge' option
- rtrules:    Warn about similar rules with same priority
2017-02-10 11:43:04 -08:00
Tom Eastep
7e984af094
Some cleanup of policy actions
- Allow '+' in policy file action list

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-07 13:19:53 -08:00
Tom Eastep
af8d4e32c2
Replace 'info' with '$LOG' in the sample policy files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-07 08:27:19 -08:00
Tom Eastep
ca33a7ef65
Fix Sample .conf files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 18:28:05 -08:00
Tom Eastep
e91f414223
Document policy action changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 17:09:23 -08:00
Tom Eastep
5cd2f26b51
Correct shorewall.conf(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 14:46:10 -08:00
Tom Eastep
dab9e1d7c4
Assume no default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 14:45:43 -08:00
Tom Eastep
b9471a2499
Correct parsing of the POLICY column
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 14:15:24 -08:00
Tom Eastep
3b82721956
Update Shorewall6 default-action defaults
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 13:56:45 -08:00
Tom Eastep
95ffada759
Change sample IPv4 default actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 13:47:02 -08:00
Tom Eastep
b2553fb008
Another change to allow builtin actions as default actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 13:25:10 -08:00
Tom Eastep
8bc70674f3
Make DropDNSrep an inline action
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 11:21:56 -08:00
Tom Eastep
cecb8a1950
Deprecate the Drop and Reject actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 10:52:31 -08:00
Tom Eastep
079d862bb3
Document default-action lists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 10:51:57 -08:00
Tom Eastep
d50fdea2a7
Merge branch '5.1.1' 2017-02-06 10:26:55 -08:00
Tom Eastep
4c97c58981
Apply Tuomo's fix for CLI run with no command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 10:25:20 -08:00
Tom Eastep
92133e5a6b
Default-action lists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-06 10:11:48 -08:00
Tom Eastep
686ca9d3a3
Allow builtin actions in xxx_DEFAULT settings.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-02-05 15:21:57 -08:00
Tom Eastep
fa7ad6bd74
Update blacklisting article:
- ipset-based blacklisting
- BLACKLIST policy and action

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-26 13:17:46 -08:00
Tom Eastep
e45b96ca20
Update blacklisting article:
- ipset-based blacklisting
- BLACKLIST policy and action

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-26 13:17:11 -08:00
Matt Darfeuille
eac2639684
core: Correct the path being displayed for the CLI
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-24 16:19:08 -08:00
Tom Eastep
70a395892f
Make BLACKLIST work correctly in the blrules file
- Add the 'section' action option

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 15:03:02 -08:00
Tom Eastep
d2d11df4f6
Make action.BLACKLIST behave correctly in the blrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-01-23 13:35:10 -08:00