Commit Graph

1280 Commits

Author SHA1 Message Date
matt darfeuille
f1ed963077 Shorewall 5.0.4 Beta 2
Hi Tom,

Some unnecessary lines need to be removed from the sysconfig files.
I made some more changes to the init.openwrt.sh scripts(lite and
lite6)

Attached as sysconfig-lite.patch!

In order to be able to use the build50 script I had to make a few
changes(attached as build50.patch):

- Adding a variable BASEDIR (to build shorewall  in a subdirectory)
BASEDIR=$PWD
and doing:
$BASEDIR/annotate.pl
and so on ...

- Adding a variable
CYGWINSTYLESHEET
and modifying the script to use this new variable(added cygwin clause
in case statement)

- Adding a variable GITRELEASEDIR and modifying the lines around
624(to specify an other name for the release repo)
from
../release/
to
../$GITRELEASEDIR/

- Added line to remove unnecessary *.bak files

- Added an if statement if a subdirectory is used when patches are
created

question/request:
Would it be possible to use the build50 script without the '-t'
option?
That way only the packages would be built but the tarballs wouldn't
be created.

-Matt

On 12 Jan 2016 at 7:57, Tom Eastep wrote:

> Shorewall 5.0.4 Beta 2 is now available for download.
>
> New Feature since Beta 1:
>
> 1)  The mangle file now supports an DIVERTHA action that provides
>     support for HAProxy.
>
>     To setup the HAProxy transparent configuration described at
>
> http://www.loadbalancer.org/blog/setting-up-haproxy-with-transparent-mode-on-centos-6-x,
>     place this entry in shorewall-providers(5):
>
>
>     #NAME  NUMBER   MARK    DUPLICATE  INTERFACE GATEWAY   OPTIONS
>     TProxy 1        -       -          lo        -         tproxy
>
>     and use this DIVERTHA entry:
>
>     #ACTION         SOURCE          DEST            PROTO  ...
>     DIVERTHA        -               -               tcp
>
> Thank you for testing,
> -Tom
> --
> Tom Eastep        \ When I die, I want to go like my Grandfather who
> Shoreline,         \ died peacefully in his sleep. Not screaming like
> Washington, USA     \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>

-------------- Enclosure number 1 ----------------
>From ca4c854433e1c4c5870ea3e71225e5df8da4e255 Mon Sep 17 00:00:00 2001
From: Matt Darfeuille <matdarf@gmail.com>
Date: Wed, 13 Jan 2016 21:28:47 +0100
Subject: [PATCH 1/2] Modified lite and lite6.init.openwrt.sh

Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-14 16:36:21 -08:00
Tom Eastep
12513e24a3 Revert "Implement dynamic actions"
This reverts commit 8075ba719a.
2016-01-13 11:04:41 -08:00
Tom Eastep
8075ba719a Implement dynamic actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-13 09:33:38 -08:00
Tom Eastep
3828eb856b Rename HADIVERT to DIVERTHA
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-08 15:36:10 -08:00
Tom Eastep
e29e2d117d Documentation updates
- update LSM section of the Multi-ISP article
- Correct formatting of HAPROXY examples

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-08 08:33:42 -08:00
Tom Eastep
ad2f20b824 Finish HAProxy support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-06 09:12:33 -08:00
Tom Eastep
ee6a1dadbb Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2016-01-05 10:48:48 -08:00
Tuomo Soini
da93669245 Revert "shorewall6*.service: make sure shorewall and shorewall6 won't start at same time"
This reverts commit ff821e57c2.

Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-01-05 20:18:25 +02:00
Tuomo Soini
ff821e57c2 shorewall6*.service: make sure shorewall and shorewall6 won't start at same time
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-01-05 12:04:46 +02:00
Tuomo Soini
c447ddd03e systemd service: rename pre214 systemd versions to pre214 and remove separeate 214 variants 2016-01-05 12:01:21 +02:00
Tom Eastep
0c66e5f1b2 More Openwrt support in Shorewall-init from Matt Darfeuille
- Also, various cleanup in install/uninstall scripts

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-01-04 15:45:21 -08:00
Tom Eastep
89d91d37a1 Add Shorewall-init installer support for OpenWRT
- Supply sysconfig files for all products

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-27 16:47:31 -08:00
Tom Eastep
c9f57ad9c9 Update manpages for ADD timeout
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-24 09:20:42 -08:00
Tom Eastep
4b893b2fd6 Install/uninstall fixes from Matt Darfeuille
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall-init/install.sh
2015-12-05 11:56:16 -08:00
Tom Eastep
8e7f001f7e Update manpages for column renaming
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-04 14:53:26 -08:00
Tom Eastep
46434e45b6 Change to IP_FORWARDING=keep in shorewall6.conf files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-12-02 11:28:04 -08:00
Tom Eastep
2c1786422e Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2015-11-28 09:04:46 -08:00
Tom Eastep
b087cee7f0 Redefine MODULESDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-28 08:36:12 -08:00
Tuomo Soini
948175124b accounting: there must be more room for ACTION, SOURCE, and DEST
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-27 22:33:03 +02:00
Tuomo Soini
b25a8e4b2d shorewall: use real field names in config file headers
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-16 18:16:17 +02:00
Tom Eastep
7b54e5e1a6 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2015-11-10 07:50:33 -08:00
Tuomo Soini
d0d34568d1 Shorewall6: reduce number of lines on config headers
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 23:09:37 +02:00
Tom Eastep
7fb00e0dfe Remove the routestopped files and their manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-11-09 07:28:46 -08:00
Tuomo Soini
f095e6f31d configfiles: unified configuration file formatting
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 10:24:20 +02:00
Tuomo Soini
8aefb3a998 Shorewall6: upgrade conntrack to ?VERSION 3
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-11-09 09:44:31 +02:00
Tuomo Soini
e74ff0ecd9 more cleanup to config files. 2015-11-02 00:03:38 +02:00
Tom Eastep
1c29240eb9 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2015-11-01 11:31:53 -08:00
Tom Eastep
3973cdf0da Merge branch '5.0.1' 2015-10-28 14:35:27 -07:00
Tuomo Soini
31cdd6dbcb Shorewall6/configfiles/stoppedrules: use standard description
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-28 10:48:48 +02:00
Tuomo Soini
8133de1695 Shorewall6/configfiles/conntrack: fix config file header to common format
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-27 22:08:38 +02:00
Tuomo Soini
74180f83b9 Shorewall6/configfiles: remove empty lines and fix blrules header to common format
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-27 22:04:49 +02:00
Tom Eastep
35b90c2709 Update documentation for 'remote-' vs. 'remote_'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-27 08:16:06 -07:00
Tom Eastep
69dd7ce0b9 Add 'persistent' provider option - Phase II
- Also allow the creation of 'persistent' routing rules and routes

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-25 16:45:11 -07:00
Tuomo Soini
8771041a63 shorewall6: remove version from restored
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-10-13 12:51:00 +03:00
Tuomo Soini
dc7082b7a1 shorewall[6]: remove version from shorewall6 and macros 2015-10-13 12:17:18 +03:00
Tom Eastep
a8e4671668 Remove version from config files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 15:02:50 -07:00
Tom Eastep
0dbe756e93 Manpage and Shorewall-5 changes for RESTART
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 13:49:24 -07:00
Tom Eastep
72d4637c22 Replace LEGACY_RESTART with RESTART
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-12 11:45:58 -07:00
Tom Eastep
bb538a7c10 Merge branch 'master' into 5.0.0
Conflicts:
	Shorewall-core/lib.common
	Shorewall-core/shorewallrc.debian.systemd
	Shorewall-lite/shorewall-lite.service.debian
	Shorewall/Perl/Shorewall/Chains.pm
	Shorewall/Perl/Shorewall/Compiler.pm
	Shorewall/Perl/Shorewall/Config.pm
	Shorewall/Perl/Shorewall/Misc.pm
	Shorewall/Perl/Shorewall/Raw.pm
	Shorewall/Perl/Shorewall/Tc.pm
	Shorewall/Perl/compiler.pl
	Shorewall/Perl/prog.footer
	Shorewall/lib.cli-std
	Shorewall/manpages/shorewall-mangle.xml
	Shorewall/manpages/shorewall.conf.xml
	Shorewall/manpages/shorewall.xml
	Shorewall/shorewall.service.debian
	Shorewall6-lite/shorewall6-lite.service.debian
	Shorewall6/manpages/shorewall6-mangle.xml
	Shorewall6/manpages/shorewall6.conf.xml
	Shorewall6/manpages/shorewall6.xml
	Shorewall6/shorewall6.service.debian
	docs/MultiISP.xml
	docs/Shorewall_Squid_Usage.xml
2015-10-12 10:55:36 -07:00
Tom Eastep
1db3bfb53e Manpage updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-10-10 13:19:41 -07:00
Tom Eastep
7dd9beeeae Remove FORMAT specifications from macros and actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-22 12:39:22 -07:00
Tom Eastep
1b2a43e5ea Merge branch '5.0.0' of ssh://git.code.sf.net/p/shorewall/code into 5.0.0 2015-09-12 12:31:45 -07:00
Tom Eastep
1b571f3d86 Correct the reset command
- Also allow chain names to be specified a la the refresh command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-11 14:16:16 -07:00
Tuomo Soini
53dfe442c1 systemd: add reload to unit files
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-09-10 14:15:16 +03:00
Tom Eastep
7be4190e4c Man page updates for the PROBABILITY column in the masq files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-08 18:00:53 -07:00
Tom Eastep
0db233bf7c Correct shorewall6 mangle man page
- Replace 'TTL' by 'HL'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-08 12:26:29 -07:00
Tom Eastep
426636458c Correct shorewall6 mangle man page
- Replace 'TTL' by 'HL'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-08 12:25:59 -07:00
Tom Eastep
17d1caf8c5 Allow tags in global LOG_LEVELs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-06 16:08:59 -07:00
Tom Eastep
07976556ed More inline match documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-03 09:45:39 -07:00
Tom Eastep
682a449e7b Correct more Mangle examples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 13:08:05 -07:00
Tom Eastep
ba3dba78ff Correct more Mangle examples
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-09-02 13:07:20 -07:00
Tom Eastep
ed90360b4c Remove all of the update-specific options from the update command
Leave -i and -A

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 14:21:41 -07:00
Tom Eastep
60e08322c5 Update man pages for 'minute' and 'second' in LOGLIMIT specifications
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-31 11:14:37 -07:00
Tom Eastep
10cda4cee7 Update man pages for 'minute' and 'second' in LOGLIMIT specifications
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-27 15:49:59 -07:00
Tom Eastep
dc2406d25b update -t also converts the 'tos' file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 13:51:02 -07:00
Tom Eastep
b2b3300ebf Correct the shorewall6-hosts man page
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 12:30:08 -07:00
Tom Eastep
1d8873d3d5 Correct the shorewall6-hosts man page
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-26 12:28:57 -07:00
Tom Eastep
f9ae28aeea The -t option also converts the 'tos' file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-24 14:56:24 -07:00
Tom Eastep
eae492cef5 Some rules manpage updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-22 09:24:47 -07:00
Tom Eastep
2451c14d8c Some rules manpage updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-22 08:27:52 -07:00
Tom Eastep
a30fdb356d Update man pages for required '?' in COMMENT, SECTION and FORMAT lines
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-22 08:00:38 -07:00
Tom Eastep
f4776bf388 Eliminate WIDE_TC_MARKS, HIGH_ROUTE_MARKS and BLACKLISTNEWONLY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-21 12:42:19 -07:00
Tom Eastep
26fca41e27 Eliminate discontinued files and manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 15:17:48 -07:00
Tom Eastep
c59cb1351c Update manpages for new update options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-20 11:08:10 -07:00
Tom Eastep
8bdea65325 Update manpages for new update options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-13 16:12:28 -07:00
Tom Eastep
3b59e46799 Restore Debian-specific service files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-12 10:19:07 -07:00
Tom Eastep
2162d79b5f Manual Page Uptates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 15:09:16 -07:00
Tom Eastep
8bed5c9d65 Drop support for the IPSECFILE option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-03 10:11:52 -07:00
Tom Eastep
037e92a60e Eliminate some config options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-01 14:28:12 -07:00
Tom Eastep
2165f746e6 Update .conf documents for 'reload'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-01 12:58:08 -07:00
Tom Eastep
ef9e75753a Restore .214 files
- Also merge Debian changes from 4.6.12

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-08-01 11:23:35 -07:00
Tom Eastep
85648bded1 Deimplement several .conf options
- LOGRATE/LOGBURST
- EXPORTPARAMS
- LEGACY_FASTSTART
2015-08-01 11:11:35 -07:00
Tom Eastep
67589cab69 More version changes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-28 10:59:11 -07:00
Tom Eastep
f40373d60c Update config file version and copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-28 10:50:19 -07:00
Tom Eastep
fa7248c58c Add the LEGACY_RESTART option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-27 09:19:52 -07:00
Tom Eastep
0a7c65ae0d Allow connlimit by destination
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 14:26:58 -07:00
Tom Eastep
34f58bd6ac Correct formatting in the rules file man pages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 11:36:14 -07:00
Tom Eastep
cecc81ce82 Update .service files
- make the .214 versions the default and remove the ones name *.214
- Add 'ExecReload' to all but Shorewall-init
- Create Debian-specific versions with /etc/default rather than /etc/sysconfig
2015-07-26 10:58:03 -07:00
Tom Eastep
f9ec0c6930 New 'reload' and 'restart' semantics
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-26 09:59:49 -07:00
Tom Eastep
df817b6d2c Correct formatting in the interfaces man pages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-13 13:06:53 -07:00
Tom Eastep
3d325431ff Change Default IPv6 .conf to specify INLINE_MATCHES=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-07-06 14:49:20 -07:00
Tom Eastep
0414166d6d 'show connections' enhancement
- Allow tayloring of the entries displayed by specifying conntrack
  -L options.
2015-06-29 14:55:47 -07:00
Tom Eastep
7153146759 Don't ask for script version when WORKAROUNDS=No
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-28 09:18:47 -07:00
Tom Eastep
7c9155a6e8 Update man pages and .conf files for WORKAROUNDS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-06-06 07:56:14 -07:00
Tom Eastep
f227250959 Fix NFQUEUE parsing and documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-29 18:19:35 -07:00
Tom Eastep
f629d574e6 Add ipv6 'findgw' file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-28 07:20:26 -07:00
Tom Eastep
425094de18 Mention load= warning (sum not 1.000000)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-25 10:31:08 -07:00
Tom Eastep
bbdbdf7c47 Clean up 'call' description in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-25 07:06:17 -07:00
Tom Eastep
df4d6f1f92 Document load= in the providers manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-22 16:31:21 -07:00
Tom Eastep
ba7afcaeae Make 'call' a supported command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-21 10:38:35 -07:00
Tom Eastep
267637f139 NFQUEUE enhancements
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-20 10:55:21 -07:00
Tom Eastep
acd921cd08 Don't require a helper for ctevents and expevents
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-16 13:40:40 -07:00
Tom Eastep
9329e7c36c Don't require a helper in the CT action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-05-16 09:08:32 -07:00
Tom Eastep
2cea78e6df Add the 'reenable' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-28 13:02:12 -07:00
Tom Eastep
6cb3004a39 Clarify helper module loading
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-17 09:51:25 -07:00
Tom Eastep
f5aa0373cb Correct interfaces example 4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-12 08:38:55 -07:00
Tom Eastep
057ad45fd9 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2015-04-12 07:52:34 -07:00
Tuomo Soini
ade24e6299 shorewall6.service: wants before after to be consistent
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-04-12 11:31:39 +03:00
Tom Eastep
b128c30813 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
Get Tuomo Soini's fix for serviced startup
2015-04-11 07:33:15 -07:00
Tuomo Soini
194252afd3 systemd: fix shorewall startup by adding Wants=network-online.target
Before shorewall failed to load if there were interfaces which were required
but there wasn't any other service which wanted network-online.target.
By adding Wants=network-online.target we make sure shorewall[6]* startup
won't fail if there are required interfaces

Signed-off-by: Tuomo Soini <tis@foobar.fi>
2015-04-11 10:50:54 +03:00
Tom Eastep
16e3cb1b43 More manpage updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-07 10:14:42 -07:00
Tom Eastep
27c1ffc5fb Include full syntax in lists of CLI commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-07 09:23:58 -07:00
Tom Eastep
0e54a86e82 Add descriptions of 'list' and 'ls' to the CLI manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-06 09:39:41 -07:00
Tom Eastep
eb3a162560 Apply Matt Darfeuille's fix for fatal_error()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-02 13:26:51 -07:00
Tom Eastep
a8026999a5 Another fix for the Shorewall6 uninstaller
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-02 07:47:53 -07:00
Tom Eastep
44142ed457 Apply Matt Darfeuille's uninstall fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-04-02 07:28:21 -07:00
Tom Eastep
b00a7af619 Allow a comma-separated list in the rtrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-18 15:16:25 -07:00
Tom Eastep
0c11870e46 Implement the 'savesets' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-17 10:03:12 -07:00
Tom Eastep
c5ef3fd905 Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2015-03-14 08:55:40 -07:00
Tom Eastep
86d6d6900e Improve 'close' and 'show opens' commands
- close accepts a rule number
- list opens displays rule numbers

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-14 08:54:30 -07:00
Tom Eastep
9a5cc5e51c Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2015-03-07 07:57:26 -08:00
Tom Eastep
d7a1ca41f9 Another attempt to correct the formatting of the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-07 07:56:34 -08:00
Tom Eastep
d3552346b0 Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2015-03-06 15:38:48 -08:00
Tom Eastep
1e6c266b51 Formatting fix (I hope)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-06 15:37:56 -08:00
Tom Eastep
d6f8cda2d5 Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2015-03-06 14:10:13 -08:00
Tom Eastep
4cc866cd81 Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2015-03-06 14:09:11 -08:00
Tom Eastep
095e523c9f Add 'show opens' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-06 13:10:23 -08:00
Tom Eastep
2817060edb Improvements to the 'open' and 'close' commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-06 08:13:44 -08:00
Tom Eastep
a85fdc45ac Implement 'open' and 'close' commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-03-05 16:20:54 -08:00
Roberto C. Sánchez
5f2a8dd9cb Fix typo 2015-03-02 10:12:36 -05:00
Roberto C. Sánchez
a28cd7371c Fix typo 2015-03-02 10:10:52 -05:00
Roberto C. Sánchez
e9bb447537 Fix typo 2015-03-02 09:58:09 -05:00
Tom Eastep
cdc2d52208 Implement ADD and DEL in the mangle file.
- Also document the parameter to SAME

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-02-18 12:04:01 -08:00
Tom Eastep
b14e7c54f9 Merge branch '4.6.6' 2015-02-07 08:29:44 -08:00
Tom Eastep
30a5f508be Change samples to specify MODULE_SUFFIX="ko ko.xz"
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-02-06 12:56:35 -08:00
Orion Poplawski
9ad0b297e2 Supporting xz compressed kernel modules
- I've attached a patch that adds xz support to the default MODULE_SUFFIX.
- I'm wondering it wouldn't be better to not have MODULE_SUFFX=ko in various
sample configs so that the default value is used instead:

./Shorewall/configfiles/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/Universal/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/three-interfaces/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/two-interfaces/shorewall.conf:MODULE_SUFFIX=ko
./Shorewall/Samples/one-interface/shorewall.conf:MODULE_SUFFIX=ko
./docs/MultiISP.xml:MODULE_SUFFIX=ko
./docs/MyNetwork.xml:MODULE_SUFFIX=ko
./Shorewall6/configfiles/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/Universal/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/three-interfaces/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/two-interfaces/shorewall6.conf:MODULE_SUFFIX=ko
./Shorewall6/Samples6/one-interface/shorewall6.conf:MODULE_SUFFIX=ko

- Is:

MODULE_SUFFIX=

sufficient to use the default value or does it need to be commented out?

Thanks,

  Orion

--
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       orion@nwra.com
Boulder, CO 80301                   http://www.nwra.com

>From f13edf8fc07c7b62825408b8665b10d6014d368d Mon Sep 17 00:00:00 2001
From: Orion Poplawski <orion@cora.nwra.com>
Date: Mon, 26 Jan 2015 09:48:48 -0700
Subject: [PATCH] Support xz compressed modules

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-02-06 12:51:00 -08:00
Tom Eastep
5d110616a5 Merge branch '4.6.6' 2015-01-24 18:16:47 -08:00
Tom Eastep
a2b8069ee3 Clarify Zone exclusion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-24 18:15:10 -08:00
Tom Eastep
50a0103e89 Merge branch '4.6.6' 2015-01-20 08:11:07 -08:00
Tom Eastep
6f2308e0fa Correct syntax of the SAVE and RESTORE actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-20 08:09:55 -08:00
Tom Eastep
28ac76bde4 Add tinc tunnel support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-13 13:28:37 -08:00
Tom Eastep
07c21b8968 Add 'primary' provider option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-06 09:06:27 -08:00
Tom Eastep
7dd9ccd06b Add the 'loopback' interface option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-03 09:22:40 -08:00
Tom Eastep
551a16d18f Document TARPIT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2015-01-01 09:14:00 -08:00
Tom Eastep
93285e2798 Cleanup of preceding fix
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 14:05:43 -08:00
Tom Eastep
2430796495 Document the -c option of 'show routing'
Correct choice in show commands to 'req'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 12:15:28 -08:00
Tom Eastep
06ef7596cd Document the -c 'dump' option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-26 11:57:24 -08:00
Tom Eastep
227db0cfa7 Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code 2014-12-23 15:37:38 -08:00
Tom Eastep
c0f7d0e65d Start firewall after the network-online target has been reached
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-23 15:37:22 -08:00
Tom Eastep
fdf513fba6 Correct font in mangle manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-12-19 14:26:20 -08:00
Tom Eastep
7100af5380 Correct .service files
- Make them match earlier versions

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-11 18:05:04 -08:00
Tom Eastep
22ac37b51e Patches for Shorewall6 manpage from Thomas D
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-10 07:50:28 -08:00
Tom Eastep
6f5de7ef3f Add now logging modules to the modules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-05 16:19:30 -08:00
Tom Eastep
2f545012a6 More documentation updates for -C
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 09:25:58 -08:00
Tom Eastep
4493b2ab6b Correct typo in 'rules' manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-02 06:50:40 -08:00
Tom Eastep
8fb73026c8 Replace SAVE_COUNTERS with the -C command option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-11-01 09:37:57 -07:00
Tom Eastep
a83c146636 Cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 20:27:06 -07:00
Tom Eastep
113f95c11e Provide STARTOPTIONS and RESTARTOPTIONS in all cases
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:22:39 -07:00
Tom Eastep
3454e10525 Add SAVE_COUNTERS option.
- Also implement recover command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 08:57:56 -07:00
Tom Eastep
055fceb82f Update policy manpages for duel limits
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-22 12:27:27 -07:00
Tom Eastep
f5bdc9e7f4 Allow two limits in the RATE LIMIT columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-22 11:21:43 -07:00
Tom Eastep
b60d6dd6e5 Avoid duplicate module loads
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-20 10:42:53 -07:00
Tom Eastep
2784e93307 Load xt_LOG in both helpers files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:36 -07:00
Tom Eastep
20c8bf02b1 Correct Shorewall6 helpers file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:19 -07:00
Tom Eastep
38d4b1c5a9 Revert "Correct last patch"
This reverts commit b528625329.
2014-10-19 08:28:11 -07:00
Tom Eastep
e3a332ec27 Correct last patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-19 08:28:00 -07:00
Tom Eastep
49218a4d28 ipt_LOG in helpers file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-15 18:07:09 -07:00
Tom Eastep
3236cd2660 Reinstate IPv6 DropSmurfs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-13 12:34:25 -07:00
Tom Eastep
42363da458 Add new .service files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-09 10:00:53 -07:00
Tom Eastep
c5074bddb2 Rename the .service files to .service.214
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-09 09:45:52 -07:00
Tom Eastep
12458d111a Adjust the .service files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-08 17:28:22 -07:00
Tuomo Soini
a31fd20f22 Shorewall6/nat: clearly make it ipv6 specific 2014-10-07 12:42:57 +03:00
Tom Eastep
2c7ffb525d Updagte Shorewall6-nat manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-05 20:09:18 -07:00
Tom Eastep
316866482b Add ipv6 nat file and manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-05 19:54:19 -07:00
Tom Eastep
3206021278 Another round of uninstall fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-04 13:50:39 -07:00
Tom Eastep
9dc2bba025 More uninstall corrections.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-04 09:39:03 -07:00
Tom Eastep
770a505cd2 Delete DropSmurfs from IPv6 actions.std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-30 16:16:53 -07:00
Tom Eastep
3e2c903a41 Revert "Only save ipsets of the proper family"
This reverts commit b053cab630.
2014-09-28 13:32:32 -07:00
Tom Eastep
b053cab630 Only save ipsets of the proper family
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 12:58:52 -07:00
Tom Eastep
cbcb1ff7e1 Add SAVE_IPSETS to shorewall6.conf.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 11:37:24 -07:00
Tom Eastep
3858683e94 Allow saving a specified list of ipsets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 11:19:41 -07:00
Tom Eastep
10df9d31c4 Correct typo in the actions manpages (4.6.5 s/b 4.6.4).
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-25 14:47:27 -07:00
Tom Eastep
976a1f3deb Merge branch '4.6.3'
Conflicts:
	Shorewall/Perl/Shorewall/Misc.pm
2014-09-25 08:06:16 -07:00
Tom Eastep
ea40068c10 Fix ADMINISABSENTMINDED=No used with stoppedrules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-25 08:03:35 -07:00
Tom Eastep
580e00dabd Implement LOG_BACKEND option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 15:26:13 -07:00
Tom Eastep
a7b57ad32c Clarify iptrace logging.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-24 09:14:38 -07:00
Tom Eastep
ba7f88c912 Re-apply 'terminating' changes to the actions manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-23 09:33:57 -07:00
Tom Eastep
7481514a97 Implement the 'terminating' action option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-23 09:29:13 -07:00
Tom Eastep
1f5439257a Revert "Implement the 'terminating' action option"
This reverts commit 6851744cb7.
2014-09-23 07:39:25 -07:00
Tom Eastep
4495ed687b Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2014-09-23 07:10:46 -07:00
Tuomo Soini
a03f00bf0f systemd services: multi-user is not same as old runlevel 3 so use basic
add conflicts to obviously conflicting services
remove old version number from init files
remove legacy syslog.target which is not needed on modern systems
fix formatting of email address onold Copyright text

Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-09-23 16:44:03 +03:00
Tom Eastep
771e487b02 Merge branch '4.6.3' 2014-09-01 09:10:55 -07:00
Tom Eastep
0b66c475a7 Make <command> replacable in the run synopsis
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-01 09:10:03 -07:00
Tom Eastep
8727a6f1d8 Correct 'run' command synopsis in the shorewall[6] manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-01 08:52:09 -07:00
Tom Eastep
f9a62e1650 Correct builtin example in the actions manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-01 08:29:29 -07:00
Tom Eastep
6851744cb7 Implement the 'terminating' action option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-01 08:16:42 -07:00
Tom Eastep
4bacfced82 Another attempt to fix formatting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 11:59:51 -07:00
Tom Eastep
7c1bbd4dc7 Fix formatting in shorewall[6]-rules(5)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 11:29:44 -07:00
Tom Eastep
4347190f82 Clarify REJECT handling in IP[6]TABLE rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-24 09:10:10 -07:00
Tom Eastep
e49832f4b5 Run the 'init' script in the 'run' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-30 10:25:00 -07:00
Tom Eastep
31e5aeeaea Refine the 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:30:07 -07:00
Tom Eastep
a7b18ca875 Implement 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-28 07:04:56 -07:00
Tom Eastep
848078873d Update tcfilters manpages to mention BASIC_FILTERS=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-22 07:19:10 -07:00
Tom Eastep
a97e2fd3d9 Update manpages regarding 'status -i'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-12 19:37:05 -07:00
Tom Eastep
4a4cea46c0 Update copyrights in the Sample files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-06 13:44:34 -07:00
Tom Eastep
8bfff55ed2 Add a TIME column to the mangle file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-04 08:01:14 -07:00
Tom Eastep
b1a6ec7f03 Merge branch '4.6.1' 2014-07-02 21:41:27 -07:00
Tom Eastep
7fdc398a5e Revert "Revert "Revert "Add a TIME column to the mangle file"""
This reverts commit 1165b2689c.
2014-06-27 08:23:04 -07:00
Tom Eastep
1165b2689c Revert "Revert "Add a TIME column to the mangle file""
This reverts commit 9c7fcd09fd.
2014-06-27 08:14:28 -07:00
Tom Eastep
9c7fcd09fd Revert "Add a TIME column to the mangle file"
This reverts commit 824b14b714.
2014-06-25 07:33:42 -07:00