Tom Eastep
f15e6d3995
Additional optimization in level 4.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 16:50:08 -07:00
Tom Eastep
3f42350a7b
Don't overwrite empty mark geometry settings.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 11:37:49 -07:00
Tom Eastep
e8648c993d
Use blackhole routes rather than unreachable.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 10:50:13 -07:00
Tom Eastep
55c88e8e81
Replace curly brace enclosure with a preceding caret to avoid ambiguity.
...
- {...} is used to enclose a set of column/value pairs and it is certain
that the two will become confused.
2012-05-17 15:26:16 -07:00
Tom Eastep
f5f80d2ccc
Re-arrange enforcement of restrictions on geoip.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 13:59:56 -07:00
Tom Eastep
d220d3d9d5
Abandon action.GeoIP in favor of extended syntax in the SOURCE and DEST columns.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 10:44:02 -07:00
Tom Eastep
6148c909f2
fix multiple ipsets in an imatch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-16 19:52:41 -07:00
Tom Eastep
2eb25f3f6a
Correct the grammar in an error message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-16 07:52:42 -07:00
Tom Eastep
43d882db2b
Cosmetic cleanup
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 16:44:35 -07:00
Tom Eastep
78af118b9a
Quote original list when a translated list is ill-formed.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 16:39:46 -07:00
Tom Eastep
85f58d6906
Avoid funny-looking ERROR: messages out of Embedded Perl.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 16:38:56 -07:00
Tom Eastep
ac2ed505bb
Add GeoIP support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-14 17:12:46 -07:00
Tom Eastep
926e589414
Exit the tcpost chain if a connection mark is restored
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-14 10:35:42 -07:00
Tom Eastep
cd150af790
Update .status file on disable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-12 07:44:46 -07:00
Tom Eastep
cd98266396
Correct add of default IPv6 route when no gateway specified
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-12 07:15:24 -07:00
Tom Eastep
3d541f50c8
Use "(S)" consistently in column headings.
...
- add synonyms so both the singular and plural forms are accepted.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 12:42:04 -07:00
Tom Eastep
f77b350a7b
Clear the 'balance' table if no balanced providers.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 11:28:06 -07:00
Tom Eastep
bed4457e0e
Delete jump to 'tproxy'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 09:00:09 -07:00
Tom Eastep
2d5269be7b
Fix another conditional compilation bug.
...
?IF $false
?IF $false
...
?ENDIF
foo <------- This line is not omitted!
?ENDIF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:44:46 -07:00
Tom Eastep
a05b3afd7f
Eliminate the 'tproxy' chain
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:42:44 -07:00
Tom Eastep
9e743451f6
Add FORMAT 2 to tcrules files. Initialize $format in Tc.pm
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:08:06 -07:00
Tom Eastep
cb7fc31f0b
Restore 4.5.3 compatibility
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 14:23:33 -07:00
Tom Eastep
69d735ea0a
Make TPROXY actually work!
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 11:19:23 -07:00
Tom Eastep
4d4fc315e0
More TPROXY changes
...
- Combine identical DIVERT chains.
- Add --transparent to -m socket
- Reserve a TPROXY bit in the fwmark
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 07:25:07 -07:00
Tom Eastep
820c965b72
Allow Shorewall::Config::in_hex() to accept an argument already expressed in hex.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 13:51:49 -07:00
Tom Eastep
605ef6ef86
Tweak to DIVERT plus correct TPROXY in man pages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 13:10:51 -07:00
Tom Eastep
2eb7af23dc
Merge branch 'master' into 4.5.3
2012-05-09 10:03:43 -07:00
Tom Eastep
582d025f58
Add DIVERT action to tcrules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 09:41:58 -07:00
Tom Eastep
b55d8c04e4
Do logical->physical mapping in rtrules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 14:52:18 -07:00
Tom Eastep
3b6f5b2d8a
Finish alternative balancing
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 13:55:13 -07:00
Tom Eastep
6639b3534e
Close all input files in Shorewall::Config::cleanup()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 08:58:14 -07:00
Tom Eastep
59bf343521
Leave first filename and linenumber on the same line as error text.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 08:55:24 -07:00
Tom Eastep
1d6e6b65db
Finish a comment
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 17:06:35 -07:00
Tom Eastep
2224fdbc65
Correct help text in compiler.pl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 16:55:51 -07:00
Tom Eastep
fd1d6cf935
Handle default shorewallrc location
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 16:55:17 -07:00
Tom Eastep
5d7442e9e9
Correct typo in converted blrules file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 12:13:26 -07:00
Tom Eastep
ef90006334
Avoid reference to unitialized variable on bogus FORMAT in interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 12:00:21 -07:00
Tom Eastep
2cbf1e86ad
Allow synonyms for column names in alternate specification formats
...
- gateway and gateways in the tunnels file
- mark and action in the tcrules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:59:47 -07:00
Tom Eastep
dd8e9ff09d
Fix 'COMMENT' along in the tunnels file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:58:37 -07:00
Tom Eastep
4320150dc4
Add alternate specification in tunnels file ('gateways')
...
- Make similar change in tcrules file with 'action'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 07:43:11 -07:00
Tom Eastep
003daec41c
Remove a couple of hard-coded '/usr/share' in Shorewall::Config
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-06 17:30:17 -07:00
Tom Eastep
aac00c3cc7
Pop open stack in run_user_exit1 and run_user_exit2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 10:31:55 -07:00
Tom Eastep
af228806fc
Allow manual changes to be used in macros.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 08:56:26 -07:00
Tom Eastep
1d90ee174c
Cleanup of ERROR/WARNING message enhancement.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 07:01:08 -07:00
Tom Eastep
3e37f47fb5
Print out the include/open stack in WARNING and ERROR messages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 17:17:55 -07:00
Tom Eastep
894931731b
Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
2012-05-02 07:04:30 -07:00
Tom Eastep
731b310359
Use --hashlimit-upto when available.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-30 13:45:09 -07:00
Tom Eastep
35c08c109e
Fix IPv4 'reset'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-30 07:54:40 -07:00
Tom Eastep
766771d812
Remove absurd test
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-30 07:48:07 -07:00
Tom Eastep
b9e6349994
Add some comments
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-29 09:07:34 -07:00