Commit Graph

5631 Commits

Author SHA1 Message Date
Tom Eastep
ce28c70c60 SNAT and DNAT support for IPv6.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-19 07:08:08 -08:00
Tom Eastep
d0b2d05d5b Add optional argument to have_capability().
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-18 15:15:26 -08:00
Tom Eastep
010c44d07a Correct description of the 'sourceroute' interface option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-18 11:33:19 -08:00
Tom Eastep
088fc1a3a3 Report used/required capabilities
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-18 08:48:18 -08:00
Tom Eastep
6d92d293b8 Use 'here documents' in the usage() function.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-17 07:44:10 -08:00
Tom Eastep
bb5b6e42d6 Replace death sequences with calls to fatal_error()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-16 07:32:47 -08:00
Tom Eastep
536ee427da Remove macros during uninstall.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 07:05:29 -08:00
Tom Eastep
9eba41669e Give address-family specific help text for 'iptrace'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 06:58:26 -08:00
Tom Eastep
7e2265dd23 Defer reading .conf when processing the 'update' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 06:51:37 -08:00
Tom Eastep
ab4dd54523 Save/use local SHAREDIR in reload_command
- Remove SHAREDIR may differ from the local one

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 06:46:14 -08:00
Tom Eastep
7859267539 Eliminate $globals{CONFDIR}
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 17:24:49 -08:00
Tom Eastep
e486c16513 Correct all configpath files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 15:10:21 -08:00
Tom Eastep
f44e035a47 Fix load, reload and export WRT shorewallrc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 10:21:26 -08:00
Tom Eastep
104c205230 Correct syntax error in Shorewall uninstall.sh
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 09:35:07 -08:00
Tom Eastep
c68513672d Comments and documentation.
- Removes the Actions-4.5 article

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 08:48:45 -08:00
Tom Eastep
1ae6ed9c10 Use 'fatal_error' to report issues with params and .conf.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-14 06:52:43 -08:00
Tom Eastep
93b3fd9be5 Correct IPv6 address checking (again)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 13:37:26 -08:00
Tom Eastep
0461e5de20 Standardize the 'Ordinary Users' error messages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 12:45:28 -08:00
Tom Eastep
f8e5950fe5 Remove outdated comment from the configpath file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 11:42:26 -08:00
Tom Eastep
138638cb1a Effectively use the specified directory as the CONFIG_PATH til .conf is read
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 07:45:24 -08:00
Tom Eastep
c5bb16ac26 Another fix for IPv6 address lists.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 07:44:19 -08:00
Tom Eastep
f44becdee1 Rename BLACKLIST_LOGLEVEL to BLACKLIST_LOG_LEVEL for consistent naming.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-12 07:47:02 -08:00
Tom Eastep
84c5822c20 Correct IPv6 List Handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-11 16:45:03 -08:00
Tom Eastep
b4977db5b2 Add %section_states that maps sections to their related state(s).
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-11 14:59:48 -08:00
Tom Eastep
f23f7400d8 Merge branch '4.5.13' 2013-02-11 11:52:02 -08:00
Tom Eastep
db8f90f182 Remove allow_optimize() call from action.New.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-11 06:45:33 -08:00
Tom Eastep
8d0a80a7e2 Merge branch '4.5.13' 2013-02-11 06:40:11 -08:00
Tom Eastep
9f9220f854 Only look in the specified directory for params when compiling as non-root.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-11 06:36:32 -08:00
Tom Eastep
b9d5b92f1b Correct handling of expressions consisting of a single number.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-10 15:19:30 -08:00
Tom Eastep
b349cc0f22 A better fix for inline default action with parameters.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-10 09:29:30 -08:00
Tom Eastep
a312bfbb42 Add a section => name function map
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-10 09:27:43 -08:00
Tom Eastep
c35e753b1d A better fix for inline default action with parameters.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-10 09:16:18 -08:00
Tom Eastep
8b4349b356 Merge branch '4.5.13' 2013-02-10 09:05:41 -08:00
Tom Eastep
54c43396f0 Correct default action handling:
- isolate basic target before testing for action/inline
- delete the action chain if appropriate.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-10 09:00:13 -08:00
Tom Eastep
f9dc89dc61 Allow arbitrary $n variables when IGNOREUNKNOWNVARIABLES=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-10 07:56:04 -08:00
Tom Eastep
60e3f1015e Allow arbitrary $n variables when IGNOREUNKNOWNVARIABLES=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-10 07:51:35 -08:00
Tom Eastep
8e0a90e077 Merge branch '4.5.13' 2013-02-09 17:54:06 -08:00
Tom Eastep
cadf2747fe Correct reset_optflags()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-09 17:53:40 -08:00
Tom Eastep
810ebe32ce Merge branch '4.5.13' 2013-02-09 13:15:44 -08:00
Tom Eastep
c04c61b314 Correct typos in check_rules().
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-09 11:42:54 -08:00
Tom Eastep
a8fdfa4e48 Create an ESTABLISHED chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-09 09:32:12 -08:00
Tom Eastep
a4297381e9 Don't ACCEPT untracked packets unless UNTRACKED_DISPOSITION=ACCEPT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-09 09:15:05 -08:00
Tom Eastep
eaa6d72a4f Allow parameters to be omitted in action invocations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-09 07:07:01 -08:00
Tom Eastep
e664b6bafb Correct action.TCPFlags
- restore rule dropped when converted.
- remove cruft
- Correct parameter handling

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-08 15:39:04 -08:00
Tom Eastep
96d64d0a04 Remove extraneous default parameter from action.Untracked
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-08 13:00:54 -08:00
Tom Eastep
122a8358fc Correct the default action description in the New action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-08 12:59:22 -08:00
Tom Eastep
acbff91d87 Remove 'default action' comments from the xxxInvalid actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-08 12:57:44 -08:00
Tom Eastep
1bd9e8b015 Correct allowInvalid and dropInvalid
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-08 10:49:12 -08:00
Tom Eastep
62a567b550 Treat each -m conntrack subtype as a separate match
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-08 10:08:23 -08:00
Tom Eastep
e4f1c62e71 Improve handling of nested state actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-08 09:09:20 -08:00