Tom Eastep
f221ca290f
Improve checking when MANGLE_ENABLED=No in shorewall[6].conf
...
- Fatal error when a feature is used that requires the mangle table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-03-01 15:07:17 -08:00
Tom Eastep
8b99f8caac
Merge branch 'master' into 5.2.4
...
# Conflicts:
# docs/SharedConfig.xml
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-03-01 13:50:05 -08:00
Tom Eastep
8b2c79e5ce
Merge branch '5.2.3' into 5.2.4
...
# Conflicts:
# docs/Introduction.xml
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-03-01 13:48:45 -08:00
Tom Eastep
dcde2bfa4a
Correct logic that decides if a reload is necessary during enable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-02-26 15:22:17 -08:00
Tom Eastep
387b861759
Correct handling of ORIGDEST with OLD_CONNTRACK_MATCH
...
- Also correct detection of OLD_CONNTRACK_MATCH in shorewall6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-02-25 13:08:58 -08:00
Tom Eastep
6798c2f2b0
Accomodate both DOCKER-ISOLATION and DOCKER-ISOLATION-STAGE-*
...
Previously, the code assumed that either DOCKER-ISOLATION or
DOCKER-ISOLATION-STAGE-* would exist but not both. That has been corrected
2020-02-24 15:35:50 -08:00
Tom Eastep
e8f49bc9c7
Merge branch '5.2.3'
2020-02-18 11:11:53 -08:00
Tom Eastep
31b558b7f9
Filter out LIBVIRT rules when saving Docker Rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-02-16 10:36:16 -08:00
Tom Eastep
367a5f7d97
Filter out LIBVIRT rules when saving Docker Rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-02-16 10:33:18 -08:00
Tom Eastep
4efac2fda1
Handle essential IPv6-ICMP types when firewall is stopped
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-02-06 15:21:51 -08:00
Tom Eastep
5f50b70618
Merge branch '5.2.3' into 5.2.4
...
# Conflicts:
# docs/SharedConfig.xml
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-02-06 14:08:33 -08:00
Tom Eastep
b437f609e5
Merge branch '5.2.3'
2020-02-01 11:01:59 -08:00
Tom Eastep
f05bd969af
Revert "Add targetname files"
...
This reverts commit c9eb443574
.
2020-02-01 09:46:05 -08:00
Tom Eastep
7aaa04149e
Merge branch '5.2.3'
...
# Conflicts:
# Shorewall/manpages/shorewall-files.xml
# docs/SharedConfig.xml
2020-02-01 09:45:33 -08:00
Tom Eastep
c9eb443574
Add targetname files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2020-01-29 10:41:55 -08:00
Tom Eastep
08da235896
Correct IPv6 Address Range parsing
...
Previously, such ranges were required to be of the form [<addr1>-<addr2>]
rather than the more standard form [<addr1>]-[<addr2>]. In the snat file
(and in nat actions), the latter form was actually flagged as an error
while in other contexts, it resulted in a less obvious error being raised.
With this change, both forms are accepted.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-12-23 10:02:48 -08:00
Tom Eastep
77cad81ba7
Clean up comments
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-12-23 09:59:29 -08:00
Tom Eastep
9213d7e707
Clean up Shorewall6[-lite] manpage links
...
- there were many links pointing to /manpages6/shorewall6... that should
have been updated to point to /manpages/shorewall...
- this commit corrects those links
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-11-27 15:46:57 -08:00
Tom Eastep
157abcbd37
Allow NFQUEUE 'bypass' in the policy file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-10-21 14:41:02 -07:00
Tom Eastep
2b7a37e42a
Minor cleanup of the Chains module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-10-16 11:44:02 -07:00
Tom Eastep
51b9589c48
Merge branch 'more-bitcoin-ports' of ssh://teastep@git.code.sf.net/u/talkless/shorewall
2019-09-10 08:10:53 -07:00
Vincas Dargis
762df5e18c
Add macros for Bitcoin's Testnet and Regtest
...
Add additional macros for Bitcoin daemon running in Testnet and Regtest
modes.
2019-09-07 16:36:42 +03:00
Tom Eastep
cb56991fee
Merge branch '5.2.3'
2019-09-03 07:45:57 -07:00
Tom Eastep
c4d5bb904b
Correct description of 'bypass' in shorewall-rules(5).
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-08-26 15:45:26 -07:00
Tom Eastep
40f6192e19
Make 'AUTOMAKE=No' the update default
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-08-25 14:20:54 -07:00
Tom Eastep
7051daeb08
Correct handle of multi-queue NFQUEUE when passed to a macro
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-08-25 14:18:54 -07:00
Tom Eastep
a9c42e1eaa
Correct NFQUEUE policy with per-CPU queues
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-08-25 14:18:06 -07:00
Tom Eastep
8b0cfdf779
Clarify SWITCH settings and reload
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-04-25 14:26:18 -07:00
Tom Eastep
c127cec76c
Merge branch '5.2.3'
2019-04-14 14:35:09 -07:00
Tom Eastep
6b21135ade
Correct handling of an ipset in the SPORT column
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-04-11 18:37:27 -07:00
Tom Eastep
2f66381a4a
Allow multiple protocols to be specified for a helper
...
- the protocol list is specified in the %helpers hash as an array reference
e.g., "[UDP,TCP]". Note that those are protocol *numbers*, not names.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-04-01 15:14:34 -07:00
Matt Darfeuille
53495ec0a8
Point exclusively to shorewall.org
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-03-25 11:35:00 -07:00
Tom Eastep
2f3f6ffa15
Revert "Make $update global in Config.pm"
...
This reverts commit b9d0821acb
.
2019-03-17 08:02:53 -07:00
Tom Eastep
60f2f3b0d0
Allow variable expansion when processing shorewallrc.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-03-14 20:38:10 -07:00
Tom Eastep
e626b77097
Correct policy zone exclusion handling
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-02-21 09:31:13 -08:00
Matt Darfeuille
d3fcb29f0d
Use proper function name for warning messages
...
Signed-off-by: Matt Darfeuille <matdarf@gmail.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-02-07 10:44:46 -08:00
Tom Eastep
e548043e96
Remove modules files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-02-06 14:17:10 -08:00
Tom Eastep
443a4223c2
Remove pre-2.6.20 helpers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-02-06 14:11:48 -08:00
Tom Eastep
8f42a6a72b
Remove LOAD_HELPERS_ONLY
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-02-03 10:04:19 -08:00
Tom Eastep
0982fec513
Remove superfluous whitespace from Providers.pm
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-02-01 12:44:44 -08:00
Tom Eastep
f5262dd050
Correct typo in shorewall-providers(5)
...
- RESTORE_DEFAULT_OPTION -> RESTORE_DEFAULT_GATEWAY
2019-02-01 12:44:00 -08:00
Tom Eastep
8dcfd86f3a
Document compiler globals
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-01-24 08:26:27 -08:00
Tom Eastep
edc9e25f25
Deprecate 'all[+]-'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-01-23 12:35:07 -08:00
Tom Eastep
ef11ae834d
Drop documentation for all-
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-01-22 15:53:33 -08:00
Tom Eastep
9f423412d8
Allow zone exclusion in the policy file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-01-22 12:35:23 -08:00
Tom Eastep
7f7fef3a4e
Disallow 'all' in a policy zone list
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-01-21 10:00:36 -08:00
Tom Eastep
b9d0821acb
Make $update global in Config.pm
...
- Only save raw image if we are updating
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-01-20 11:06:40 -08:00
Tom Eastep
857539c8b1
Update lib.runtime copyright
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-01-16 13:09:42 -08:00
Tom Eastep
429070d107
Update Chains.pm and Compiler.pm copyrights
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-01-16 12:28:27 -08:00
Tom Eastep
89725c530f
Change limit of 'wait' option setting to 300 seconds (5 minutes)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2019-01-16 11:50:33 -08:00