Commit Graph

12202 Commits

Author SHA1 Message Date
Tom Eastep
c6ffdd67e2 Add DROP target to the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-18 11:35:40 -08:00
Tom Eastep
5265cd5bb7 Add UNTRACKED match to the secmarks file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-18 11:01:49 -08:00
Tom Eastep
ab381ed95e Expand the description of enable/disable on optional non-provider interfaces.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-18 09:01:38 -08:00
Tom Eastep
0277d6628e Correct typo in shorewall(8) and shorewall6(8).
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-18 08:30:47 -08:00
Tom Eastep
5712438bcb Eliminate Shell syntax error when a provider and its interface have the same name.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-16 09:50:36 -08:00
Tom Eastep
a2b14c37ed Treat optional interfaces as pseudo-providers.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-16 09:48:21 -08:00
Tom Eastep
054248d2cb Merge branch '4.5.9' 2012-11-14 11:51:51 -08:00
Tom Eastep
a484cb848f Document TPROXY IPv6 gotcha.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-14 11:51:30 -08:00
Tom Eastep
b1ffcd8628 Apply provider mask in 'routemark' chain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-14 11:20:30 -08:00
Tom Eastep
34e3e4bf82 Merge branch '4.5.9' 2012-11-14 11:17:18 -08:00
Tom Eastep
06a4994488 Make exclusion work correctly with TPROXY.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-14 11:16:52 -08:00
Tom Eastep
391113dfe3 Apply provider mask in 'routemark' chain.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-13 06:55:59 -08:00
Tom Eastep
3c58d2180d Improve the efficiency of tcrule processing.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-13 06:55:35 -08:00
Tom Eastep
32c9e4274f Rename 'mysplit' to 'split_host_list'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-11 08:42:01 -08:00
Tom Eastep
896d874aab Set VARLIB in the script's initialize() function.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-09 12:29:19 -08:00
Tom Eastep
5fcdfd779c Don't default IPSET to 'ipset'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-09 08:54:54 -08:00
Tom Eastep
860ee6de27 Eliminate nonsensical warning message.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-06 07:36:36 -08:00
Tom Eastep
4b6fdf8b72 Update masq manpage to expunge exclusion with an interface name in the SOURCE column.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-04 09:11:37 -08:00
Tom Eastep
0e7a4d56fd Mention IMPLICIT_CONTINUE in the bridge doc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-04 07:07:19 -08:00
Tom Eastep
ec17ea1dee Remove superfluous check
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-03 08:19:46 -07:00
Tom Eastep
2e211bc2b6 Correct handling of wildcard interfaces in rules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-03 07:24:41 -07:00
Tom Eastep
6e4632663b Correct heading comments in action.TCPFlags.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-01 07:20:50 -07:00
Tom Eastep
5f0b85b5b9 Replace a couple of more hard-coded directory names.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-30 09:49:53 -07:00
Tom Eastep
86ae74005a Correct invalid information in shorewall[6]-tcclasses.
- Delete part about an interface only appearing once.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-29 12:46:58 -07:00
Tom Eastep
e11dac3fe2 Replace wireless router image in the 2012 Network diagram.
- Correct a typo in the 4.4 upgrade issues

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-29 07:18:28 -07:00
Tom Eastep
d3c63a2d97 Merge branch '4.5.9'
Conflicts:
	docs/MultiISP.xml
	docs/images/Network2012a.dia
	docs/images/Network2012a.png
2012-10-28 12:45:51 -07:00
Tom Eastep
39c0991940 More updates to the Multi-ISP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-28 12:34:27 -07:00
Tom Eastep
9e984b10f6 More updates to the Multi-ISP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-28 12:10:06 -07:00
Tom Eastep
19048b6a18 Recover Network Diagram
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-28 09:06:48 -07:00
Tom Eastep
2fcbeb9ddf Update Multi-ISP doc with my current config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-27 20:43:13 -07:00
Tom Eastep
8397244fd6 Update Multi-ISP doc with my current config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-27 20:28:52 -07:00
Tom Eastep
ef3652fc98 Update migration issues document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-27 08:01:16 -07:00
Tom Eastep
b9139a4ec8 Add additional steps to creating a dump file.
- Ubuntu Precise with 4.4.26.1 -- use bash
- ipsec-tools required if IPSEC-related issue

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-26 12:42:35 -07:00
Tom Eastep
1e7a196b3d correct a typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-26 12:41:29 -07:00
Tom Eastep
3f1aeb33be Correct mark range with shifted mask.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-26 12:41:06 -07:00
Tom Eastep
e908473d29 Clean up description of CHECKSUM in the manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-26 11:22:54 -07:00
Tom Eastep
e177916c12 Implement statistical marking in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-26 07:10:26 -07:00
Tom Eastep
d0e03bb03a Sort IPv6 routing tables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-23 11:53:19 -07:00
Tom Eastep
0387b16983 Implement CHECKSUM action in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-22 15:42:13 -07:00
Tom Eastep
f24e194819 Don't display chains with no matched entries when -b
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-22 14:15:37 -07:00
Paul Gear
59a75512be Add Teredo macro
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-21 07:20:29 -07:00
Tom Eastep
5a103e8ec5 Make options consistent (add a '-' before 't')
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-20 07:15:44 -07:00
Paul Gear
cf68379c4c Document brief option for show command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-20 07:11:56 -07:00
Paul Gear
6c06302d2a Make formatting of interface options consistent
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-20 07:11:48 -07:00
Paul Gear
ca5a0f4b15 Fix option parsing for brief option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-20 07:11:40 -07:00
Paul Gear
baf42f2ac0 Add brief option to shorewall show
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-20 07:11:31 -07:00
Tom Eastep
30066062d1 Move SHOREWALL_CAPVERSION declaration to lib.cli
- Make 'shorwall' the default g_program in lib.cli
- Initialize g_tool in lib.cli for shorewall and shorewall6 to
  facilitate use of the library without reading shorewall[6].conf.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-19 07:12:49 -07:00
Tom Eastep
b00dc658b2 Correct error messages in action.RST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-15 07:17:17 -07:00
Tom Eastep
6af16e0cda Allow quotes in parameter to run_iptables()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-14 13:26:08 -07:00
Tom Eastep
ab7975539c Correct typo in get_params()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-14 09:30:27 -07:00