7edf4918d7
Remove leading ":" from CONFIG_PATH in active shorewall[6].conf
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-26 10:27:19 -08:00
d3a1dc1e2a
Delete superfluous semicolon.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-25 08:45:42 -08:00
f68f47d01b
Init: Fix when to compile the firewall on Debian
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com >
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-25 08:37:00 -08:00
b1d1fa862a
Add comment noting that the 'physwild' interface member is currently unused
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-23 10:58:16 -08:00
24acf25451
Delete unused find_interfaces_by_option1()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-23 10:53:16 -08:00
229c47ac6c
Don't delete options that are to be ignored from %options
...
- specifying some options can have side-effects that cause
$interfaceref->{options}{$option} to be accessed
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-23 10:47:22 -08:00
38de9c1732
Make wildcard/option checks order-independent WRT the options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-23 10:24:08 -08:00
17f4fd7cd2
Initialize $physwild to $wildcard
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-22 15:42:16 -08:00
cfd02c1bb6
More $minroot changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-22 13:58:38 -08:00
02caeb5aa0
Remove sourceroute=0 from IPv6 Universal interface options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-22 13:44:11 -08:00
19b7601c72
Improve handling of wildcard interfaces and options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-22 13:43:45 -08:00
5a8e9cd0a3
Correct $minroot logic
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-22 09:08:27 -08:00
b5a6067588
Describe default interval and decay for rate estimator policing filters
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-20 09:04:52 -08:00
45468af2d2
Correct ingress policing for later releases of iproute2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-18 11:52:19 -08:00
6c018f478c
Avoid unnecessary recompilation by Shorewall-init
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-18 10:25:56 -08:00
dec3cacb2a
Correct typo in the Helpers Article
...
Port 1729 -> port 1723 for PPTP
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-08 15:28:01 -08:00
4ab8e1f0a2
Remove PSH from the FIN action
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-05 15:25:54 -08:00
821d72093a
Rename DEFAULTACTION_SECTION to POLICYACTION_SECTION.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-02 16:25:15 -08:00
42d5d13780
Retain proto setting when switching inline <-> noinline
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-02 13:40:41 -08:00
7121a0f1b1
Disallow a protocol on the Reject Action
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-02 12:58:05 -08:00
ab12d63a4f
Change 'default action' to 'policy action' in comments and messages
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-02 12:55:17 -08:00
6ba1d5413b
Allow a protocol to be associated with an action
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-02 11:24:08 -08:00
4fc572f664
Exit the IPv6 AllowICMPs chain if packet isn't ipv6-icmp
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-01 14:50:17 -08:00
138e64c54a
Improve the documentation surrounding DNS names.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-12-01 09:25:20 -08:00
b04b65cac8
Clear counters in all tables during 'reset'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-30 14:31:59 -08:00
c907748b52
Correct typo in 'dump'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-30 14:31:33 -08:00
7f3414e3d8
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2017-11-29 08:19:57 -08:00
c75fe2ea8d
Fix typo
2017-11-29 06:56:06 -05:00
5dcb684efc
Don't be specific when deleting IPv6 balanced/fallback default routes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-28 15:26:17 -08:00
3e87e5004a
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
2017-11-27 09:36:13 -08:00
c89b113a61
Fix typos
2017-11-26 15:39:59 -05:00
7289175070
Chop first config dir if non-root or if compiling for export.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-23 09:57:12 -08:00
5aaf1e53de
IPv6 Samples use logical interface names
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-22 09:56:45 -08:00
a9373d727b
Use logical interface names in the samples.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-22 09:40:15 -08:00
528b473f6b
Add some additional documentation to the Config module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-22 08:41:37 -08:00
d22210c074
Set g_export before calling get_config()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-14 13:46:41 -08:00
89d6009200
Revert "Fix for copying SYSCONFFILE. Gave a Permission denied on OpenWRT"
...
This reverts commit f0cb3f50e4
2017-11-14 10:48:56 -08:00
f411f7dd31
Remove redundant test
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-14 10:45:10 -08:00
502e98eb9f
Add Redfish console to the IPMI macro
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-14 10:44:54 -08:00
f73bad440d
Don't verify IP and SHOREWALL_SHELL when compiling/checking for test
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-14 10:02:15 -08:00
f0cb3f50e4
Fix for copying SYSCONFFILE. Gave a Permission denied on OpenWRT
...
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl >
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-14 09:01:06 -08:00
23bc019a82
Add OpenWRT options.
...
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl >
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-14 09:00:46 -08:00
9d299ef866
Don't verify IP and SHOREWALL_SHELL setting when compiling for export
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-14 08:50:05 -08:00
2a9272ccd1
Clean up RAs involving "|"
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-14 08:26:17 -08:00
130ddff9de
Correct a typo in an error message
...
- Includes cosmetic changes to Providers.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-10 11:25:52 -08:00
9cf298482d
Merge branch '5.1.8'
2017-11-09 12:59:59 -08:00
c5a586aa37
Allow [...] around gateway address in the providers file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-09 12:20:01 -08:00
0670ecaf5e
Update Shared Configuration Article
...
- Add network graphic
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-08 18:47:23 -08:00
d3eebde464
Add another restriction for SAVE_IPSETS=Yes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-08 10:56:57 -08:00
832418585a
Don't make persistent routes and rules dependent on autosrc.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net >
2017-11-08 09:46:25 -08:00
