Tom Eastep
|
6b5889177b
|
Correct startup_error() inadvertent change
- Switch ensure_root() back to calling startup_error()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-12-30 09:24:21 -08:00 |
|
Tom Eastep
|
d8a22d13dd
|
Allow non-root to run many 'show' commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-12-28 10:49:09 -08:00 |
|
Tom Eastep
|
c907748b52
|
Correct typo in 'dump'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-11-30 14:31:33 -08:00 |
|
Tom Eastep
|
f1975ae9b0
|
More robust detection of empty SPD entries.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-10-15 08:26:27 -07:00 |
|
Tom Eastep
|
7b9f7c095d
|
Don't dump SPD entries for the other address family
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-10-14 13:39:00 -07:00 |
|
Tom Eastep
|
108b169d8d
|
Treat LOG_TARGET like all other capabilities
- Previous implementation could generate unworkable script when
LOAD_HELPERS_ONLY=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-10-06 08:01:52 -07:00 |
|
Tom Eastep
|
a9fbaa57ed
|
Pass -$g_family to 'ip xfrm' commands
- This currently doesn't work correctly, but maybe it will in the future
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-10-06 08:00:29 -07:00 |
|
Tom Eastep
|
317f12041b
|
Strengthen the test for empty SPD entries
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-09-30 15:43:17 -07:00 |
|
Tom Eastep
|
ef1353790e
|
Correct VLSM editing in the 'ipcalc' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-09-12 10:53:41 -07:00 |
|
Tom Eastep
|
7e3521e221
|
RESTORE_WAIT_OPTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-08-13 18:56:40 -07:00 |
|
Tom Eastep
|
b4a06e9656
|
NFLOG_SIZE capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-06-25 13:44:26 -07:00 |
|
Tom Eastep
|
d4c016d9c5
|
'reload' documentation corrections
- Add command synopsis to the manpage
- Correct command synopsis in help output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-03-09 12:50:30 -08:00 |
|
Tom Eastep
|
6966270822
|
Allow 'show action' on buitin actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-19 13:43:23 -08:00 |
|
Tom Eastep
|
4c97c58981
|
Apply Tuomo's fix for CLI run with no command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-02-06 10:25:20 -08:00 |
|
Tom Eastep
|
d111e4f186
|
Handle built-in actions in 'show action'
- Remove a couple of non-actions from IPv4 actions.std
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-22 15:40:36 -08:00 |
|
Tom Eastep
|
4a01e910ff
|
Delete unused iptablesbug() function
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-21 14:42:24 -08:00 |
|
Tom Eastep
|
2a010f827b
|
Add 'show action' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-19 15:58:18 -08:00 |
|
Tom Eastep
|
b36b07b567
|
Correct 'show macros'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-12 08:35:03 -08:00 |
|
Tom Eastep
|
0b3d1b1d36
|
Revert code that assumed no CLI symlinks
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2017-01-04 17:12:20 -08:00 |
|
Tom Eastep
|
5174fe0161
|
Avoid echo options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-28 11:09:08 -08:00 |
|
Tom Eastep
|
638c7c5bca
|
Implement NETMAP_TARGET capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-27 08:26:51 -08:00 |
|
Tom Eastep
|
c4bbb46e3f
|
Eliminate rawpost table support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-26 14:20:08 -08:00 |
|
Tom Eastep
|
1b97783c23
|
Implement 'show ipsec'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-23 10:01:40 -08:00 |
|
Tom Eastep
|
1a95db73e9
|
Revert idiotic change to lib.cli
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-20 08:39:26 -08:00 |
|
Tom Eastep
|
089ff4eb33
|
Establish default product based on $0
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-18 11:18:07 -08:00 |
|
Tom Eastep
|
7ce5c31c68
|
Use 'ip -s xfrm' to dump the SPD and SAD
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-17 14:43:16 -08:00 |
|
Tom Eastep
|
eea9882953
|
Implement CPU Fanout for NFQUEUE.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-09 10:46:39 -08:00 |
|
Tom Eastep
|
4a410c7b4c
|
Correct 'restore' exit status
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-12-02 09:32:00 -08:00 |
|
Tom Eastep
|
38c9165c39
|
More shorewall(8) documentation updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-21 13:57:06 -08:00 |
|
Tom Eastep
|
bd2df4836d
|
Break lib.base into two libraries
- Allows separation of default product determination and
establishment of the product environment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-21 13:25:57 -08:00 |
|
Tom Eastep
|
875c352473
|
Unify the CLI
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-21 10:00:55 -08:00 |
|
Tom Eastep
|
de553e7b18
|
Add the -l option
- Update shorewall(8)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-20 09:16:16 -08:00 |
|
Tom Eastep
|
36517cdb1e
|
Rename setup_environment to setup_product_environment
- Default to first detected product
- Verify that specified product is installed
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-20 08:48:18 -08:00 |
|
Tom Eastep
|
8b99fe20b5
|
Pave the way for unifying the CLI
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-19 21:17:35 -08:00 |
|
Tom Eastep
|
137b051e52
|
Centralize setting of product-dependent g_* variables
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-19 17:17:03 -08:00 |
|
Tom Eastep
|
9eb390403b
|
Implement -p option to disable PAGER
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-17 10:58:10 -08:00 |
|
Tom Eastep
|
ab9f340c55
|
use $PAGER in the 'show macro' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-17 10:57:39 -08:00 |
|
Tom Eastep
|
cecfe54ef6
|
Avoid shell errors when /proc/net/xt_recent/ is empty.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-11-03 21:29:01 -07:00 |
|
Tom Eastep
|
5b26f1939b
|
Correct 'sed' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-22 09:56:59 -07:00 |
|
Tom Eastep
|
49fae96b09
|
Update the manpages for 'blacklist' verbosity
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-10 19:45:42 -07:00 |
|
Tom Eastep
|
b3e59322b6
|
Clean up the output of 'blacklist'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-10 13:26:01 -07:00 |
|
Tom Eastep
|
eb6ae5e186
|
Correct handling of DYNAMIC_BLACKLIST options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-05 16:56:29 -07:00 |
|
Tom Eastep
|
ca7ca4bdfe
|
Add a 'timeout' option to DYNAMIC_BLACKLIST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-05 12:56:47 -07:00 |
|
Tom Eastep
|
c19e732e42
|
Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-04 10:00:00 -07:00 |
|
Tom Eastep
|
8d731c81e4
|
Add 'disconnect' option to ipset-based dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-04 09:09:45 -07:00 |
|
Tom Eastep
|
1b032f7524
|
Correct permissions of files created by the 'save' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-10-01 13:49:35 -07:00 |
|
Tom Eastep
|
e81a4788c6
|
Implement DEFAULT_PAGER in shorewallrc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-09-21 10:20:48 -07:00 |
|
Tom Eastep
|
4a6338d857
|
Correct/complete Scott Sumate's LOGFILE enhancement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-07-15 14:25:02 -07:00 |
|
Scott Shumate
|
55ee0113ea
|
Added support for systemd logging by configuring LOGFILE=systemd
|
2016-07-15 13:40:23 -05:00 |
|
Tom Eastep
|
56b6db1a3d
|
Make the allow command work with both ipset and chain dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2016-06-14 13:42:20 -07:00 |
|