Commit Graph

1193 Commits

Author SHA1 Message Date
Tom Eastep
e81a4788c6
Implement DEFAULT_PAGER in shorewallrc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-21 10:20:48 -07:00
Tom Eastep
8bb7c2363b
Support '+' after a zone list in the policy files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-10 10:06:38 -07:00
Tom Eastep
2c90a8bfb5
Allow zone lists in the SOURCE and DEST columns of the policy files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-09-10 08:47:48 -07:00
Tom Eastep
a05b957498
Corrections in the shorewall[6].conf manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-08-15 10:24:23 -07:00
Tom Eastep
0b9cd93769
Default DSCP rules to the POSTROUTING chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-07-27 13:59:15 -07:00
Tom Eastep
4a6338d857
Correct/complete Scott Sumate's LOGFILE enhancement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-07-15 14:25:02 -07:00
Roberto C. Sánchez
7c9876241c
Debian init scripts: add run-level 1 to Default-Stop specification 2016-07-04 17:37:00 -04:00
Roberto C. Sánchez
8b36c2c1cf
Debian init scripts: more accurately describe what action is being taken 2016-07-04 13:34:33 -04:00
Tom Eastep
e71fb3249a
Add 'dbl' interface option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-06-15 16:35:41 -07:00
Tom Eastep
4869f61a25
'allow' now works with ipset-based dynamic blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-06-09 08:44:25 -07:00
Tom Eastep
9b7088158b
Correct ipv6-route header number
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-05-10 07:12:01 -07:00
Tom Eastep
d4df67966d Turn on AUTOMAKE in the sample configurations
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-05-06 08:46:11 -07:00
Tom Eastep
590243a787 Add NFLOG as a supported mangle action
- Also document nflog-parameters
- Correct range of nflog groups

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-05-03 11:27:34 -07:00
Tom Eastep
b7de785396 Correct typo in manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-30 08:34:43 -07:00
Tom Eastep
24d40f4cc2 Add VERBOSE_MESSAGES option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-30 08:00:56 -07:00
Tom Eastep
71bd7a4647 Update the STARTUP_LOG description in shorewall[6].conf
- Update list of commands

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-19 07:49:37 -07:00
Tom Eastep
2b7ef0fe32 Update the tcclasses manpage to discuss fw mark filter priority
- Also correct default priorities for tos= and tcp-ack

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-18 09:18:48 -07:00
Tom Eastep
32f888a7d4 Add an ENVIRONMENT section to the CLI manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-15 15:41:55 -07:00
Tom Eastep
dbd42e1d5d More ipset fixes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-12 16:29:13 -07:00
Tom Eastep
deaaecdf1c Add 'nodbl' interface option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 16:09:39 -07:00
Tom Eastep
05e4049174 Ipset-based blacklisting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 16:07:56 -07:00
Tom Eastep
ef10515a42 Correct FASTACCEPT description
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-10 07:20:45 -07:00
Tom Eastep
95e4071f34 Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2016-04-06 07:42:46 -07:00
Tuomo Soini
20179a5c9d remove completely false README.txt
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-06 10:23:58 +03:00
Tom Eastep
54843c617d Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2016-04-05 11:46:42 -07:00
Tom Eastep
e9467326f3 Allow allow REJECT to take a parameter
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-05 11:20:44 -07:00
Tuomo Soini
35bc0bd8ef lib.base: format to new headers
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:27:47 +03:00
Tuomo Soini
4034ebc270 modules.xtables: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
bd33bb7105 modules.tc: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
dbb23d8807 modules.ipset: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
5c4ee58f44 modules.extensions: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
bf8b519da6 modules.essential: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:25:36 +03:00
Tuomo Soini
724d430ba4 action.template: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tuomo Soini
11479b14f9 action.mangletemplate: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tuomo Soini
54eea167e5 action.Broadcast: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tuomo Soini
8d92d07352 action.AllowICMPs: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tuomo Soini
6122a1db19 action.A_AllowICMPs: reformat to new header style
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2016-04-05 20:20:55 +03:00
Tom Eastep
9a7f6512a1 Delete IPv6 actions that duplicate IPv4 actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-04 15:58:39 -07:00
Tom Eastep
a96ee0ab9a Make IPv6 Auth default consistent with IPv4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-04 12:59:09 -07:00
Tom Eastep
81d76e3817 Document + in the MODULESDIR setting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-04-01 09:43:06 -07:00
Roberto C. Sánchez
899a317c95 Fix typos 2016-03-26 22:25:30 -04:00
Tom Eastep
273c89a753 Implement MARK and CONNMARK in the rules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-18 11:42:58 -07:00
Tom Eastep
0b5d59870b Remove embedded Perl from Shorewall6 Drop and Reject actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-16 15:07:59 -07:00
Tom Eastep
eed7692952 Document the state action option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-14 15:15:32 -07:00
Tom Eastep
3c544b20e6 Convert the state actions to use the 'state' action option
- Also avoid the CLI having to know about builtin actions

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-14 14:54:09 -07:00
Tom Eastep
95da427ea8 Update manpages for 'audit' actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-13 15:53:31 -07:00
Tom Eastep
ec9148637f Inline mangle actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-09 10:28:02 -08:00
Tom Eastep
1add0487f6 Document Mangle Actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-07 14:56:20 -08:00
Tom Eastep
d4e2508a90 Clarify USE_DEFAULT_RT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-04 14:26:42 -08:00
Tom Eastep
62880bdf1b Don't populate PAGER in the sample config files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-02 13:04:47 -08:00