Tom Eastep
ded852e0ee
Fix compilation warning
2010-10-19 08:42:35 -07:00
Tom Eastep
3ec6185f72
Run update-rc.d on Debian
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-13 08:42:35 -07:00
Tom Eastep
28e473d9a1
Document change to FORWARD_CLEAR_MARK default
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-10 07:49:17 -07:00
Tom Eastep
11f2c7772a
Clear FORWARD_CLEAR_MARK setting in the remaining config files
2010-10-09 11:28:13 -07:00
Tom Eastep
17860cacd8
Move dump_command() to a more logical place in the file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-07 14:36:05 -07:00
Tom Eastep
033d43b014
Implement undocumented dumpfilter extension file
2010-10-07 14:35:51 -07:00
Tom Eastep
f0ef27b3e5
Update version to RC1
2010-10-06 16:16:37 -07:00
Tom Eastep
b9602d9a6a
Correct typo in the release notes
2010-10-06 11:24:45 -07:00
Tom Eastep
3d90c63528
Improve validation and reporting in the net list processing.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-05 16:20:07 -07:00
Tom Eastep
a10ced2da2
Make exclusion of set lists more consistent
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-05 12:22:27 -07:00
Tom Eastep
7767d30c7c
Improve error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-05 11:25:18 -07:00
Tom Eastep
587dacdae0
Allow set lists with "!"
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-05 08:38:30 -07:00
Tom Eastep
8fd221ef30
Refine source/dest network parsing in expand_rule()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-04 18:57:11 -07:00
Tom Eastep
e74f48410f
Correct handling of exclusion with ipset lists
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-04 14:29:50 -07:00
Tom Eastep
38851fe446
Delete obsolete options from shorewall.conf
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-04 07:44:28 -07:00
Tom Eastep
cee05d9763
Refine -lite handling of scfilter.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 12:52:30 -07:00
Tom Eastep
b3d0447ef2
Reword scfilter -lite explaination
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 11:00:51 -07:00
Tom Eastep
432534a650
Eliminate need to restart -lite to extract scfilter
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 10:56:55 -07:00
Tom Eastep
994ea3cce6
Document -lite log reading fix.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-03 08:35:17 -07:00
Tom Eastep
f9af35ffbe
Document -lite fixes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-02 07:22:37 -07:00
Tom Eastep
b27fd07e9f
Don't indent the embedded scfilter file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 13:20:36 -07:00
Tom Eastep
ac71868cc1
Package the scfilter along with the generated script for -lite
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 10:59:15 -07:00
Tom Eastep
6e9fc12517
Update version to Beta 4
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 09:31:11 -07:00
Tom Eastep
468af44876
Add support for 'scfilter' script
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 09:15:58 -07:00
Tom Eastep
2fa7e11976
Add 'scfilter' extension script
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-10-01 07:38:14 -07:00
Tom Eastep
3898edfddb
Make 'show connections' work on ancient distros
2010-09-30 17:18:58 -07:00
Tom Eastep
077aa18a2d
Update release notes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-30 15:03:02 -07:00
Tom Eastep
e795a9995b
Update release documents
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-30 14:17:51 -07:00
Tom Eastep
1218ccf0cb
More optimization performance improvements
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-30 14:15:19 -07:00
Tom Eastep
252a9f2205
More speedup of optimization level 8
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-29 13:30:10 -07:00
Tom Eastep
46f1074422
Reduce the cost of optimization substantially.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-29 11:54:39 -07:00
Tom Eastep
8017f603a0
Add progress message for each optimization pass.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-28 12:20:35 -07:00
Tom Eastep
6171d938f7
Correction to last change -- move two declarations to an outer block.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-28 12:20:06 -07:00
Tom Eastep
48c3200a5a
Issue error message when required file is missing or has zero size.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-28 11:22:47 -07:00
Tom Eastep
68f537ac5b
Bypass processing logic when an optional config file is absent.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-28 10:48:44 -07:00
Tom Eastep
47fbc83419
Don't add trailing whitespace to DNAT/REDIRECT target
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-28 09:27:42 -07:00
Tom Eastep
91aabfc078
Revise fix for extraneous progress messages
2010-09-27 16:18:11 -07:00
Tom Eastep
0109b8113a
Prevent random progress messages during compilation.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-27 15:56:22 -07:00
Tom Eastep
75d50d126c
Make zones with 'mss' complex.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-27 13:57:56 -07:00
Tom Eastep
f7eb3c3d8c
Periodic elimination of trailing white space
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-27 11:16:18 -07:00
Tom Eastep
f33912d5f7
Correct/update release notes.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-27 09:11:17 -07:00
Tom Eastep
ac646930a3
Tighter validation of ipset names in the hosts file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-26 08:36:27 -07:00
Tom Eastep
066c772fcd
Correct minor issue with previous error message improvement change
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-26 08:28:25 -07:00
Tom Eastep
0becb39202
Bump version to Beta 3
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-26 08:15:32 -07:00
Tom Eastep
2828b65326
Improve error message generated when a token beginning with '+' reaches validate_net()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-26 07:56:55 -07:00
Tom Eastep
74f1cb2443
Mention maclist file in shorewall-ipsets(5)
2010-09-25 16:07:56 -07:00
Tom Eastep
f07ec1e9d3
Clean up untidiness where Shorewall6 tries to start on a system with an old kernel
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-25 08:46:14 -07:00
Tom Eastep
e018ee6adc
Don't create <zone>_frwd when unnecessary
...
- Set the zone {complex} flag based on ipsec options rather than the presense of any options.
- Generate forwarding blacklist rules in lieu of creating<zone>_frwd
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-24 15:25:57 -07:00
Tom Eastep
b5fdb089bc
Fix syntax error in blacklist fix
2010-09-24 13:42:05 -07:00
Tom Eastep
0768235278
Correct blacklisting in simple configurations
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2010-09-24 13:41:54 -07:00