Tom Eastep
|
f1eafdc314
|
Use '=' rather than '&' to create UNTRACKED rule chains.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-08-01 13:48:29 -07:00 |
|
Tom Eastep
|
c195bab01d
|
Correct handling of a provider interface that matches a wildcard.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-07-29 20:34:02 -07:00 |
|
Tom Eastep
|
0d682fe78b
|
Disallow optional shared providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-07-19 09:57:06 -07:00 |
|
Tom Eastep
|
410a20dda3
|
Make shared interface and 'load=<load-factor' play nice together
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-07-17 13:25:26 -07:00 |
|
Tom Eastep
|
0685d0edfd
|
Fix rate limiting
- Avoid specifying a timeout when the match is '-m limit'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-07-15 08:57:43 -07:00 |
|
Tom Eastep
|
474604b1fe
|
Correct source interface exclusion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-07-04 08:01:27 -07:00 |
|
Tom Eastep
|
93f0183550
|
Tweak do_ratelimit()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-07-03 14:22:30 -07:00 |
|
Tom Eastep
|
a42972644c
|
Allow specification of 'hashlimit' table sizes
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-07-02 14:14:36 -07:00 |
|
Tom Eastep
|
49514e2d58
|
Allow specification of ht buckets and max entries in RATE columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-07-02 10:23:36 -07:00 |
|
Tom Eastep
|
a265685e20
|
Allow specification of VLSM in the RATE columns
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-07-02 09:08:45 -07:00 |
|
Matt Darfeuille
|
442e6ac152
|
Update version to 5.2
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-06-23 09:09:00 -07:00 |
|
Tom Eastep
|
bfb9852eb6
|
Allow MARK, CONNMARK, SAVE and RESTORE in the nat table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-06-14 10:01:12 -07:00 |
|
Tom Eastep
|
a8b6a301f2
|
Revert "MARK and CONNMARK in the snat file"
This reverts commit e36547f8be.
|
2018-06-14 07:58:33 -07:00 |
|
Tom Eastep
|
150f7ab798
|
Allow specification of the TPROXY mark in CONNMARK and MARK.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-06-14 07:58:06 -07:00 |
|
Tom Eastep
|
e36547f8be
|
MARK and CONNMARK in the snat file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-06-10 16:34:55 -07:00 |
|
Tom Eastep
|
0632723a6c
|
Support interface exclusion
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-06-10 12:02:19 -07:00 |
|
Tom Eastep
|
ec21b03c5b
|
Correct handling of dbl=src_dst in interface OPTIONS
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-05-18 10:18:09 -07:00 |
|
Tom Eastep
|
25dcf8c5d6
|
Check for linkdown in interface_is_usable() rather than ..._is_up().
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-05-18 07:56:06 -07:00 |
|
Tom Eastep
|
c02b71b530
|
Correct interface_is_up() to look for the 'state' as well as 'UP'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-05-12 08:09:46 -07:00 |
|
Tom Eastep
|
78269d57bc
|
Handle missing AUTOMAKE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-05-10 11:12:23 -07:00 |
|
Tom Eastep
|
fc91648315
|
Avoid split_line2 confusion when processing a raw line
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-05-10 09:30:02 -07:00 |
|
Tom Eastep
|
067f435ac5
|
Update BLACKLIST_DEFAULT if Drop or Reject
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-05-06 13:31:54 -07:00 |
|
Tom Eastep
|
90df607d79
|
Finish removal of 'refresh command'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-03-30 15:30:34 -07:00 |
|
Tom Eastep
|
5e2f1f573d
|
Unconditionally convert masq->snat
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-03-27 11:38:47 -07:00 |
|
Tom Eastep
|
011322992e
|
Revert "Delete masq file processing"
This reverts commit 609ee8dea2.
|
2018-03-27 11:08:33 -07:00 |
|
Tom Eastep
|
609ee8dea2
|
Delete masq file processing
- Automatically convert the masq file if it exists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-03-26 11:40:22 -07:00 |
|
Matt Darfeuille
|
299ea2b41f
|
Update version to 5.2
- Remove unneeded punctuation marks
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-03-24 09:53:02 -07:00 |
|
Tom Eastep
|
32f1ae1992
|
Make &lo work correctly
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-03-19 18:23:19 -07:00 |
|
Tom Eastep
|
3be071ca3d
|
Up the INCLUDE depth limit to 20
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-03-12 14:39:53 -07:00 |
|
Tom Eastep
|
e08e239c00
|
Implement AUTOMAKE=recursive
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-03-03 15:50:56 -08:00 |
|
Tom Eastep
|
02ed6f26a9
|
Allow AUTOMAKE=<depth> to specify search depth
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-03-03 13:04:48 -08:00 |
|
Tom Eastep
|
34c5441768
|
Apply optimize category 16 again after 8 if 8 did anything
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-27 14:17:21 -08:00 |
|
Tom Eastep
|
c3d8cba042
|
Reverse the order of optimize 8 and optimize 16 application
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-23 15:01:47 -08:00 |
|
Tom Eastep
|
c1a74b54fc
|
Implement RENAME_COMBINED
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-22 12:49:55 -08:00 |
|
Tom Eastep
|
88547f5140
|
Handle two-chain case when LOG_ZONE != 'Both'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-22 11:25:19 -08:00 |
|
Tom Eastep
|
7ad7598d5b
|
Implement LOG_ZONE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-20 15:31:31 -08:00 |
|
Tom Eastep
|
4dfc6d90b9
|
Add 'logname' member to chain table entries.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-20 11:04:50 -08:00 |
|
Tom Eastep
|
0cb4a5c202
|
Correct "Invalid Policy Action" error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-19 10:04:18 -08:00 |
|
Tom Eastep
|
9a83365986
|
Remove the USEPKTTYPE capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-16 11:20:00 -08:00 |
|
Tom Eastep
|
db4a26cfa9
|
'update' changes for V5.2
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-13 09:21:15 -08:00 |
|
Tom Eastep
|
95e956c913
|
Complete removal of INLINE_MATCHES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-13 09:20:31 -08:00 |
|
Tom Eastep
|
5e3795b5a4
|
Delete support for single semicolon in INLINE and IP[6]TABLES rules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-12 19:12:03 -08:00 |
|
Tom Eastep
|
24e21e730e
|
Correct typo in add_common_rules()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-12 19:10:35 -08:00 |
|
Tom Eastep
|
12bbbbfa2a
|
Merge branch '5.1.12'
# Conflicts:
# Shorewall/Perl/Shorewall/Config.pm
|
2018-02-09 17:16:12 -08:00 |
|
Tom Eastep
|
2a12e0950a
|
Allow pairs in braces to appear with ';;'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-09 12:58:18 -08:00 |
|
Tom Eastep
|
c518e85215
|
Clarify warning message regarding INLINE_MATCHES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-08 11:21:38 -08:00 |
|
Tom Eastep
|
91c76f7559
|
Add INLINE_MATCHES=Yes to deprecated option list
- Issue a warning for each line requiring change.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-07 19:08:28 -08:00 |
|
Tom Eastep
|
73b39abd62
|
Remove INLINE_MATCHES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-07 14:41:49 -08:00 |
|
Tom Eastep
|
3903fe5fd9
|
Remove the 'refresh' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2018-02-07 12:38:24 -08:00 |
|
Tom Eastep
|
a3e10157de
|
Merge branch '5.1.12'
|
2018-02-06 17:35:31 -08:00 |
|