Commit Graph

683 Commits

Author SHA1 Message Date
Tom Eastep
f15e6d3995 Additional optimization in level 4.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 16:50:08 -07:00
Tom Eastep
55c88e8e81 Replace curly brace enclosure with a preceding caret to avoid ambiguity.
- {...} is used to enclose a set of column/value pairs and it is certain
  that the two will become confused.
2012-05-17 15:26:16 -07:00
Tom Eastep
3436fbd6ad Don't use ?INCLUDE in modules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 10:45:12 -07:00
Tom Eastep
d220d3d9d5 Abandon action.GeoIP in favor of extended syntax in the SOURCE and DEST columns.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 10:44:02 -07:00
Tom Eastep
17e25932f0 Fixes for GeoIP
- Correct check for valid ACTION
- Add to Shorewall6/actions.std
- Only use geoip once per invocation

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 11:14:28 -07:00
Tom Eastep
3d541f50c8 Use "(S)" consistently in column headings.
- add synonyms so both the singular and plural forms are accepted.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 12:42:04 -07:00
Tom Eastep
9e743451f6 Add FORMAT 2 to tcrules files. Initialize $format in Tc.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:08:06 -07:00
Tom Eastep
cb7fc31f0b Restore 4.5.3 compatibility
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 14:23:33 -07:00
Tom Eastep
69d735ea0a Make TPROXY actually work!
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 11:19:23 -07:00
Tom Eastep
605ef6ef86 Tweak to DIVERT plus correct TPROXY in man pages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 13:10:51 -07:00
Tom Eastep
582d025f58 Add DIVERT action to tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 09:41:58 -07:00
Tom Eastep
cd35b6a13f Modify macro.BLACKLIST to use blacklog when appropriate
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 08:56:55 -07:00
Tom Eastep
097ab853db Apply Tuomo Soini's tunnels patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 06:18:22 -07:00
Tom Eastep
bd30d59f3d Fix annotated interfaces files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 14:09:49 -07:00
Tom Eastep
e4c4900b32 Add recent changes to a couple of config files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 12:32:47 -07:00
Tom Eastep
4d23ec2c48 Belatedly document FORMAT-2 interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 10:07:36 -07:00
Tom Eastep
15aa1dae62 Enhancements to the 'refresh' command.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-02 13:48:18 -07:00
Tom Eastep
2dd82a9898 Update Multi-ISP documentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-01 10:28:12 -07:00
Tom Eastep
dc63efdbfd Use ?INCLUDE in modules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-25 07:33:40 -07:00
Tom Eastep
d904a2de86 Search and destroy trailing whitespace
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 14:52:57 -07:00
Tom Eastep
0f53c3cc7d Convert all interfaces files to format-2 only
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 10:53:09 -07:00
Tom Eastep
f40144f6af Corret tcrules manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-21 09:53:00 -07:00
Tom Eastep
34f5838365 Allow multiple GATEWAYS to be listed in the tunnels file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-18 09:28:37 -07:00
Tom Eastep
52ebca3fe1 Merge branch '4.5.2'
Conflicts:
	Shorewall-core/lib.cli
	Shorewall/Perl/Shorewall/Config.pm

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-16 13:47:05 -07:00
Tom Eastep
5a350d1899 More variable synchronization
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-16 11:40:49 -07:00
Tom Eastep
805166a354 Ressurect LOCKFILE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-16 07:21:06 -07:00
Tom Eastep
eb7a21030d Correct Makefiles
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-14 12:03:51 -07:00
Tom Eastep
a32ce5c34a Correct Makefiles
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-14 12:01:37 -07:00
Tom Eastep
59d1a57f06 Add the -T option to the load, reload, restart and start commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 14:28:44 -07:00
Tom Eastep
74fdd97b14 Warn about not using sections in the accounting file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-09 16:47:56 -07:00
Tom Eastep
a2abad3f68 Modify getparams to use the installed shorewallrc file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-07 09:07:07 -07:00
Tom Eastep
41266627cd Fix secondary CLIs
- construct the correct pathname for lib.cli
2012-04-03 08:09:18 -07:00
Tom Eastep
abd864eecb Update copyrights in init scripts that have them
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-03 07:52:39 -07:00
Tom Eastep
fb428bf564 Don't modify CONFDIR and SHAREDIR in the shell code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-02 12:39:49 -07:00
Tom Eastep
a11e2dd452 Correct uninstall scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-02 06:48:23 -07:00
Tom Eastep
bb6e17fd3e Many changes involved in getting a relocated installations to work
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-01 10:47:24 -07:00
Tom Eastep
e48e13012c Fix up lib.base during installation
- Shorewall-core installer creates all necessary directories.
2012-04-01 08:16:07 -07:00
Tom Eastep
fead683f18 Modify init scripts if ${SHAREDIR} is non-standard
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-30 16:21:37 -07:00
Tom Eastep
0d19c99699 Correct default setting of CONFDIR when .shorewallrc is not found
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-28 06:28:53 -07:00
Tom Eastep
b31f656d63 Update uninstall scripts for multiple .shorewallrc locations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 16:19:40 -07:00
Tom Eastep
fd82877312 Another fix for init.sh
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 07:49:49 -07:00
Tom Eastep
2518c653af Modify RedHat/Fedora init scripts for shorewallrc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 07:20:31 -07:00
Tom Eastep
877796a7ca Add shorewallrc processing to other CLI programs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 22:14:01 -07:00
Tom Eastep
eb118e4443 Add shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 13:05:39 -07:00
Tom Eastep
7bc823fb8b Support 'kerneltz'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 15:57:38 -07:00
Tom Eastep
15ca0fd1f0 Add IPSET_WARNINGS option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 19:30:04 -07:00
Tom Eastep
b7465262ca Rename MARK/CLASSIFY column to ACTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 10:09:13 -07:00
Tom Eastep
ab13fbe95e Allow conditional compilation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-16 08:16:12 -07:00
Tom Eastep
3e9edcb7e8 Correct typos in accounting manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-14 14:50:25 -07:00
Tom Eastep
4ba88d2e9c Merge branch '4.5.1' 2012-03-14 11:00:56 -07:00
Tom Eastep
aa503e7211 Apply Tuomo Soini's Makefile patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-14 10:57:41 -07:00
Tom Eastep
98f8edbde5 Apply two patches from Tuomo Soini
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 13:27:20 -07:00
Tom Eastep
1dd6a8b291 Document use of chain designators with DSCP and TOS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 13:26:29 -07:00
Tom Eastep
feb5cc0093 Document use of chain designators with DSCP and TOS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-13 13:25:37 -07:00
Tom Eastep
acb2e2a8ab Implement mss= in hosts file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-12 15:14:35 -07:00
Tom Eastep
fa9f8329b5 Apply two patches from Tuomo Soini
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-12 13:57:37 -07:00
Tom Eastep
48570227ba Big cleanup of TOS handling
- Validate settings/matches
- Allow setting in the tcrules file.
- Deprecate /etc/shorewall[6]/tos
2012-03-09 16:16:25 -08:00
Roberto C. Sanchez
87381a0f65 FIx typos 2012-02-24 23:02:30 -05:00
Tom Eastep
7de961ebfe Fix broken init scripts.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 13:16:12 -08:00
Tom Eastep
d5af9c360d Implement FORMAT-2 interfaces file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 11:23:58 -08:00
Tom Eastep
a1ec1dc178 Add DSCP match support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 08:47:48 -08:00
Tom Eastep
58f0425d4a Correct a typo in the blrules manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-17 15:33:45 -08:00
Tom Eastep
b462503527 Merge branch '4.5.0' 2012-02-05 07:26:39 -08:00
Tom Eastep
7887def6ad Move manpages directories to their respective product directories
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-05 07:09:27 -08:00
Tom Eastep
6cf7a98eeb Move Samples into the corresponding product directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-04 17:18:55 -08:00
Tom Eastep
aeac7cacb0 Make shorewall-init work again.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-20 09:10:13 -08:00
Tom Eastep
25d45dedfc Add STARTOPTIONS and RESTARTOPTIONS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-16 10:03:13 -08:00
Tom Eastep
93bd0b59a8 Load lib.base from lib.cli
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-14 14:17:06 -08:00
Tom Eastep
4c2df6fea7 Rename route_rules to rtrules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-09 06:38:55 -08:00
Tom Eastep
6f5ab698b4 Add a PROBABILITY column to the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-06 12:54:37 -08:00
Tom Eastep
9353788285 Correct uninstall scripts for Shorewall and Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-04 08:07:27 -08:00
Tom Eastep
e545bf4f04 Unify install files between Shorewall and Shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-03 16:35:41 -08:00
Tom Eastep
a39f4699dc Update versions and copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-02 07:43:13 -08:00
Tom Eastep
48a59e032e Add Shorewall-common
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-01 20:30:09 -08:00
Tom Eastep
53451bdaa6 Remove BLACKLIST section from rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-27 15:32:49 -08:00
Tom Eastep
c03fe0a076 Implement USE_LOGICAL_NAMES.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-20 16:03:56 -08:00
Tom Eastep
3e72442954 Convert sample notrack files to FORMAT 2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-20 14:38:44 -08:00
Tom Eastep
74cee48bc0 Change /sbin/shorewall6 back into a file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-19 15:52:42 -08:00
Tom Eastep
d4957696d1 Update man pages and sample files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 17:45:09 -08:00
Tom Eastep
299701e466 Make /sbin/shorewall6 a symbolic link
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 10:21:33 -08:00
Tom Eastep
e7d2b1d4ed Consolidate the lib.common files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 09:19:48 -08:00
Tom Eastep
0138419cb7 Delete obsolete libs during install
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 12:28:31 -08:00
Tom Eastep
860ce45924 Delete redundant files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 11:22:22 -08:00
Tom Eastep
bc3782c3de Pass $CONFIG_PATH to compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-02 09:31:26 -08:00
Tom Eastep
3110f7c74a Add enable/disable commands to the CLIs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:25:51 -08:00
Tom Eastep
d27965a4d2 Enable 'update' in shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-30 08:12:49 -08:00
Tom Eastep
3581b2667e Don't install the blacklist file in /etc/shorewall[6]
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-27 14:39:59 -08:00
Tom Eastep
4d30811794 Implement 'show marks'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 12:29:17 -08:00
Tom Eastep
86c51f24d9 Deprecate the old mark layout options.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 17:14:05 -08:00
Tom Eastep
9d56fcab89 Update Shorewall6 .conf files and manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-19 16:54:10 -08:00
Tom Eastep
73ed66b9b9 Add ULOG and NFLOG capabilities plus LOGMARK for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-12 14:10:48 -08:00
Tom Eastep
d053faadde Allow convertion of a legacy blacklist configuration
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-08 12:59:40 -08:00
Tom Eastep
6108a9cad8 Delete BLACKLISTSECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 14:46:14 -08:00
Tom Eastep
da7516d401 Update config files and manpages for BLACKLISTSECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-06 12:05:07 -08:00
Tom Eastep
755ed9859b Merge branch '4.4.25' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 2011-11-06 06:16:43 -08:00
Roberto C. Sanchez
cf8c30904d Add support for a "status" command to the Debian init scripts
(cherry picked from commit d36a2030ea)
2011-11-06 09:10:59 -05:00
Tom Eastep
38d1a2ada9 Add DropSmurfs and TCPFlags to the IPv6 actions.std file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-05 07:54:21 -07:00
Tom Eastep
d883e45f83 Correct 'start -f' with AUTOMAKE=Yes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-05 07:54:05 -07:00
Tom Eastep
e236be37db Include the rawpost table in dump output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-05 07:52:40 -07:00
Tom Eastep
8b8140cc9f Add 'Basic Filter' capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-01 06:34:57 -07:00