Commit Graph

2126 Commits

Author SHA1 Message Date
Tom Eastep
f15e6d3995 Additional optimization in level 4.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 16:50:08 -07:00
Tom Eastep
3f42350a7b Don't overwrite empty mark geometry settings.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 11:37:49 -07:00
Tom Eastep
e8648c993d Use blackhole routes rather than unreachable.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-18 10:50:13 -07:00
Tom Eastep
55c88e8e81 Replace curly brace enclosure with a preceding caret to avoid ambiguity.
- {...} is used to enclose a set of column/value pairs and it is certain
  that the two will become confused.
2012-05-17 15:26:16 -07:00
Tom Eastep
f5f80d2ccc Re-arrange enforcement of restrictions on geoip.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 13:59:56 -07:00
Tom Eastep
d220d3d9d5 Abandon action.GeoIP in favor of extended syntax in the SOURCE and DEST columns.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-17 10:44:02 -07:00
Tom Eastep
6148c909f2 fix multiple ipsets in an imatch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-16 19:52:41 -07:00
Tom Eastep
2eb25f3f6a Correct the grammar in an error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-16 07:52:42 -07:00
Tom Eastep
43d882db2b Cosmetic cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 16:44:35 -07:00
Tom Eastep
78af118b9a Quote original list when a translated list is ill-formed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 16:39:46 -07:00
Tom Eastep
85f58d6906 Avoid funny-looking ERROR: messages out of Embedded Perl.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 16:38:56 -07:00
Tom Eastep
ac2ed505bb Add GeoIP support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-14 17:12:46 -07:00
Tom Eastep
926e589414 Exit the tcpost chain if a connection mark is restored
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-14 10:35:42 -07:00
Tom Eastep
cd150af790 Update .status file on disable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-12 07:44:46 -07:00
Tom Eastep
cd98266396 Correct add of default IPv6 route when no gateway specified
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-12 07:15:24 -07:00
Tom Eastep
3d541f50c8 Use "(S)" consistently in column headings.
- add synonyms so both the singular and plural forms are accepted.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 12:42:04 -07:00
Tom Eastep
f77b350a7b Clear the 'balance' table if no balanced providers.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 11:28:06 -07:00
Tom Eastep
bed4457e0e Delete jump to 'tproxy'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 09:00:09 -07:00
Tom Eastep
2d5269be7b Fix another conditional compilation bug.
?IF $false
   ?IF $false
      ...
   ?ENDIF
   foo <------- This line is not omitted!
?ENDIF

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:44:46 -07:00
Tom Eastep
a05b3afd7f Eliminate the 'tproxy' chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:42:44 -07:00
Tom Eastep
9e743451f6 Add FORMAT 2 to tcrules files. Initialize $format in Tc.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:08:06 -07:00
Tom Eastep
cb7fc31f0b Restore 4.5.3 compatibility
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 14:23:33 -07:00
Tom Eastep
69d735ea0a Make TPROXY actually work!
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 11:19:23 -07:00
Tom Eastep
4d4fc315e0 More TPROXY changes
- Combine identical DIVERT chains.
- Add --transparent to -m socket
- Reserve a TPROXY bit in the fwmark

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 07:25:07 -07:00
Tom Eastep
820c965b72 Allow Shorewall::Config::in_hex() to accept an argument already expressed in hex.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 13:51:49 -07:00
Tom Eastep
605ef6ef86 Tweak to DIVERT plus correct TPROXY in man pages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 13:10:51 -07:00
Tom Eastep
2eb7af23dc Merge branch 'master' into 4.5.3 2012-05-09 10:03:43 -07:00
Tom Eastep
582d025f58 Add DIVERT action to tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 09:41:58 -07:00
Tom Eastep
b55d8c04e4 Do logical->physical mapping in rtrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 14:52:18 -07:00
Tom Eastep
3b6f5b2d8a Finish alternative balancing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 13:55:13 -07:00
Tom Eastep
6639b3534e Close all input files in Shorewall::Config::cleanup()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 08:58:14 -07:00
Tom Eastep
59bf343521 Leave first filename and linenumber on the same line as error text.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 08:55:24 -07:00
Tom Eastep
1d6e6b65db Finish a comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 17:06:35 -07:00
Tom Eastep
2224fdbc65 Correct help text in compiler.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 16:55:51 -07:00
Tom Eastep
fd1d6cf935 Handle default shorewallrc location
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 16:55:17 -07:00
Tom Eastep
5d7442e9e9 Correct typo in converted blrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 12:13:26 -07:00
Tom Eastep
ef90006334 Avoid reference to unitialized variable on bogus FORMAT in interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 12:00:21 -07:00
Tom Eastep
2cbf1e86ad Allow synonyms for column names in alternate specification formats
- gateway and gateways in the tunnels file
- mark and action in the tcrules file

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:59:47 -07:00
Tom Eastep
dd8e9ff09d Fix 'COMMENT' along in the tunnels file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:58:37 -07:00
Tom Eastep
4320150dc4 Add alternate specification in tunnels file ('gateways')
- Make similar change in tcrules file with 'action'

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 07:43:11 -07:00
Tom Eastep
003daec41c Remove a couple of hard-coded '/usr/share' in Shorewall::Config
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-06 17:30:17 -07:00
Tom Eastep
aac00c3cc7 Pop open stack in run_user_exit1 and run_user_exit2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 10:31:55 -07:00
Tom Eastep
af228806fc Allow manual changes to be used in macros.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 08:56:26 -07:00
Tom Eastep
1d90ee174c Cleanup of ERROR/WARNING message enhancement.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 07:01:08 -07:00
Tom Eastep
3e37f47fb5 Print out the include/open stack in WARNING and ERROR messages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 17:17:55 -07:00
Tom Eastep
894931731b Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall 2012-05-02 07:04:30 -07:00
Tom Eastep
731b310359 Use --hashlimit-upto when available.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-30 13:45:09 -07:00
Tom Eastep
35c08c109e Fix IPv4 'reset'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-30 07:54:40 -07:00
Tom Eastep
766771d812 Remove absurd test
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-30 07:48:07 -07:00
Tom Eastep
b9e6349994 Add some comments
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-29 09:07:34 -07:00