Commit Graph

15559 Commits

Author SHA1 Message Date
cd5409d633 Take care of '$LOG_LEVEL' during update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-07-06 15:38:01 -07:00
2f58d4e368 Don't create a zone forwarding chain for local zones
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-07-06 09:06:03 -07:00
31844d22cd Update Shared Config article for July 2020 configuration
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-07-06 08:56:31 -07:00
628f5f0903 Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2020-07-05 15:31:03 -07:00
ce73c783dc Avoid Perl diagnostic when updating shorewall[6].conf
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-07-05 15:29:34 -07:00
e7318459f1 Avoid double colons in the CONFIG_PATH
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-07-05 15:27:47 -07:00
467d41f0cc Merge branch '5.2.6'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-07-05 13:23:48 -07:00
ff64539de3 Update shared config document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-07-05 13:19:15 -07:00
418f96082e Add target file(s) 5.2.6-base
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.2.6-base
2020-07-04 10:48:56 -07:00
b761a6eaa0 Call optimize_policy_chains() after doing other ruleset optimization
- This insures that ACCEPT policy chains are optimized when EXPAND_POLICIES=No

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-07-04 10:40:43 -07:00
f8b7815375 Call optimize_policy_chains() after doing other ruleset optimization
- This insures that ACCEPT policy chains are optimized when EXPAND_POLICIES=No

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-07-04 09:49:28 -07:00
d643f57bc1 Add the -D option to shorewall usage output
- Also delete an incorrect -D description in shorewall(8)

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-30 14:56:41 -07:00
d1c7b3d9da Add target file(s) 5.2.6-RC1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.2.6-RC1
2020-06-29 13:48:53 -07:00
d399fd0815 Add target file(s) 5.2.6-RC1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-29 13:48:15 -07:00
3dc14e3575 Work around for Centos 7 iptables bug
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-29 11:27:14 -07:00
7ba6ac71e3 Delete blank line
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-28 20:41:21 -07:00
10aef23ab1 Correct handling of ";;+" in the snat file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-28 11:03:04 -07:00
e3f139bbdb Add SPORT column to the snat file (FORMAT 2)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-27 14:50:23 -07:00
e4f24f41fd Add target file(s) 5.2.6-Beta1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.2.6-Beta1
2020-06-27 10:25:51 -07:00
d0e4c53bd0 Add target file(s) 5.2.6-Beta1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-27 10:24:45 -07:00
43ac903085 Correct action dport implementation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-26 16:55:39 -07:00
28b92dae32 Update version for PORT->DPORT snat column naming
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-26 15:34:16 -07:00
bac493c2c5 Merge branch '5.2.5' 2020-06-26 15:31:51 -07:00
3ed1cdec94 Rename the snat PORT column to DPORT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-26 14:44:00 -07:00
3f5bdfd705 Process the firewall.conf file when running shorewall[6]-lite
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-25 13:32:36 -07:00
c9512dfaf8 Make 'show actions' more robust
- Show all lines, including continuation and compiler directives
- Show both actions and actions.std entries
- The actions file need not reside in /etc/shorewall[6] but may be in
  any directory on the CONFIG_PATH

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-25 11:28:08 -07:00
5cc626fa1d Add target file(s) 5.2.5.1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.2.5.1
2020-06-21 11:42:30 -07:00
a39ecf5b2b Add target file(s) 5.2.5.1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-21 11:41:53 -07:00
631bec2762 List supported releases
Signed-off-by: Matt Darfeuille <matt@shorewall.org>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-21 11:33:54 -07:00
aa126270b7 Avoid exporting targetfiles
Signed-off-by: Matt Darfeuille <matt@shorewall.org>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-21 11:33:38 -07:00
af2b7e6fc1 List supported releases
Signed-off-by: Matt Darfeuille <matt@shorewall.org>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-21 11:30:38 -07:00
01bfdabd5a Avoid exporting targetfiles
Signed-off-by: Matt Darfeuille <matt@shorewall.org>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-21 11:30:38 -07:00
c234a1a0ec Merge branch '5.2.5' 2020-06-20 10:02:53 -07:00
4c50f3b9bf Correct typo in shorewall-providers(5).
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-16 15:50:14 -07:00
3390897a45 Remove duplicates from the output of 'show actions'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-15 13:13:34 -07:00
7ca18c410b Remove duplicates from the output of 'show actions'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-15 13:12:43 -07:00
e2aeed898d Add the 'dport' option to the actions file(s)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-15 13:12:06 -07:00
2eb1c88555 Omit superfluous test
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-14 15:00:49 -07:00
117e9ba5bd Change kern.err to daemon.err in logger params
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-13 14:29:48 -07:00
3ce04a8ef3 Add "zone name too long" error
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.2.5-base
2020-06-12 12:57:31 -07:00
737aca6a3d Add target file(s) 5.2.5-RC1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.2.5-RC1
2020-06-10 10:36:03 -07:00
d89d35a9f0 Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2020-06-08 09:48:31 -07:00
220e89755e Omit STATE-orientated rules in wildcard policy chains
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-07 20:57:55 -07:00
1d875b2909 Minor edit to the blacklisting doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-07 18:12:01 -07:00
011638ad7d Document use of address variables in the snat file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-07 18:11:26 -07:00
3f5c47695e Expand fail2ban documenation in the blacklisting article
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-07 12:37:45 -07:00
fb14b0aafc Update targetname files for 5.2.5-Beta2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
5.2.5-Beta2
2020-06-06 12:54:01 -07:00
54ab7cdeb5 Update blacklisting documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-06 12:23:32 -07:00
aa47554604 Add 'noupdate' DYNAMIC_BLACKLIST option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-06 10:14:32 -07:00
07160c5ed1 Add 'blacklist!' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-06-06 10:13:46 -07:00