extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-08-08 23:20:55 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,759 Commits 104 Branches 736 Tags
f768d6058ec3c5079b225e38de03cd51f9fa68f5
Commit Graph

10759 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Eastep
f768d6058e More corrections to wildcard interfaces 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-11 07:28:35 -08:00
Tom Eastep
65a279cb50 Remove some white space 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-11 05:31:44 -08:00
Tom Eastep
803a17f2b9 Merge branch '4.4.25' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall into 4.4.25 2011-11-10 17:55:34 -08:00
Tom Eastep
9bb3df40cd Make the previous patch a bit cleaner 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-10 07:18:46 -08:00
Tom Eastep
ffd78e2d86 Fix wildcard interfaces 
- Suppress extra jumps to interface chains.
- Insure that the 'lo' ACCEPT rule doesn't get masked by a wildcard interface

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-10 06:56:46 -08:00
Tom Eastep
4e49273a8b Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall into 4.4.25 2011-11-06 06:15:37 -08:00
Roberto C. Sanchez
cf8c30904d Add support for a "status" command to the Debian init scripts 
(cherry picked from commit d36a2030ea)
 2011-11-06 09:10:59 -05:00
Tom Eastep
16b6151df3 More cleanup of the IN_BANDWIDTH code 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
4.4.25.2 		2011-11-05 08:11:44 -07:00
Tom Eastep
c940d06575 Omit estimator when no avrate. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-05 08:11:11 -07:00
Tom Eastep
9645703fb2 Mention that 'ignore' exempts the inteface from hairpin filtering. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-04 13:48:37 -07:00
Tom Eastep
f1bf4092b0 Make replacement of '+' by '*' global in case statements. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-04 13:48:13 -07:00
Tom Eastep
90736b7ef6 Include the rawpost table in dump output 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-04 13:02:30 -07:00
Tom Eastep
73ebe84fec Document the 'ignore' interface option 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-04 07:55:18 -07:00
Tom Eastep
96da9c2f26 Add DropSmurfs and TCPFlags to the IPv6 actions.std file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-03 11:04:22 -07:00
Tom Eastep
cb44151e92 Correct 'start -f' with AUTOMAKE=Yes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-03 06:59:01 -07:00
Roberto C. Sanchez
d36a2030ea Add support for a "status" command to the Debian init scripts 2011-11-01 19:55:02 -04:00
Tom Eastep
bd76abaa62 Document addition of blacklistsection chains to the default 'refresh' list. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
4.4.25.1 		2011-11-01 08:34:57 -07:00
Tom Eastep
cfa33e894f Restore IN_BANDWIDTH functionality on moribund distributions 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-01 07:02:32 -07:00
Tom Eastep
8b8140cc9f Add 'Basic Filter' capability 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-01 06:34:57 -07:00
Tom Eastep
f3b5d5585f Correct detection of FLOW_FILTER 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-11-01 06:21:34 -07:00
Tom Eastep
0a605c63f2 Add note about separate blacklist file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-31 08:46:11 -07:00
Tom Eastep
dc1f815679 Reload blacklistsection chains even when legacy blacklisting is used. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-31 08:04:32 -07:00
Tom Eastep
29f6f6e3f2 Allow 'refresh' to reload chains from the BLACKLIST section. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-30 06:05:24 -07:00
Tom Eastep
e997b7e662 Update Build doc to reflect change to 'setversion'. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-30 05:26:23 -07:00
Tom Eastep
16457ce85b Evaluate a variable at compile-time rather than at run-time 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
4.4.25-base 		2011-10-27 07:07:38 -07:00
Tom Eastep
3aac252645 Cleanup of IPv6 config files and manpages 
- Add BLACKLIST section to IPv6 rules files.
- Add USE_DEFAULT_RT to the shorewall6.conf files and to the manpage.
4.4.25-RC1 		2011-10-26 05:59:27 -07:00
Tom Eastep
5e97dc1954 Fold long lines in the FAQ 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-25 14:28:18 -07:00
Tom Eastep
c319921365 Correct validation of 4in6 addresses 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-25 06:19:34 -07:00
Tom Eastep
3258806f6c Insure that 32767 default rule exists on IPv6. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-24 21:15:09 -07:00
Tom Eastep
ccdda4c73b Tighten the rule compatibility test in sub compatible(). 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-24 13:16:17 -07:00
Tom Eastep
3c98094242 Combine all IPV6 filtering in the routing table copy routines 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-24 13:15:36 -07:00
Tom Eastep
14764acd2d Restore a blank line in the generated script 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-24 08:50:15 -07:00
Tom Eastep
3ce5449257 Change the Caution at the top of the FAQs to refer to 4.4 rather than 4.3 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-24 06:23:33 -07:00
Tom Eastep
ee66be8f32 Place all ip-address rules at priority 20000. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-23 17:11:41 -07:00
Tom Eastep
54ba4ed879 Add MARK column to route_rules 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-23 07:56:53 -07:00
Tom Eastep
2316162d86 Fix last section of two-interface doc 2011-10-22 16:22:44 -07:00
Tom Eastep
cb13c02731 Fix last section of two-interface doc 4.4.25-Beta4 2011-10-22 16:15:36 -07:00
Tom Eastep
4b419f7497 Cleanup if IPv6 provider work 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-22 12:48:07 -07:00
Tom Eastep
d3d9380df5 Don't combine incompatible chains 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-21 11:55:30 -07:00
Tom Eastep
f31f3dc92a Implement 'fallback' and 'balance' for IPv6 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-21 11:55:15 -07:00
Tom Eastep
20cd943a60 Make route-table copying work on IPv6 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-20 10:32:09 -07:00
Tom Eastep
18161b54e8 Update network graphics 2011-10-20 10:02:58 -07:00
Tom Eastep
a42e2dff7f Allow caps in IPv6 addresses 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-19 07:47:49 -07:00
Tom Eastep
62d43ab6dd Cleanup of new IN-BANDWIDTH handling. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
4.4.25-Beta3 		2011-10-18 05:53:50 -07:00
Tom Eastep
15915799b9 Document new IN-BANDWIDTH handling 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-18 05:53:31 -07:00
Tom Eastep
dbe936c7c9 Cleanup of new IN-BANDWIDTH handling (avoids a syntax error) 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-17 06:29:27 -07:00
Tom Eastep
4d83201843 Allow configuraton of a rate estimated policing filter 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-16 14:38:27 -07:00
Tom Eastep
ebc944f027 Add optional MTU parameter in IN_BANDWIDTH 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-16 10:52:45 -07:00
Tom Eastep
efb768464c Add FAQ 97a 4.4.24.1 2011-10-14 11:27:44 -07:00
Tom Eastep
bf6ea13898 Update .service files with patch from Jonathan Underwood 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
4.4.25-Beta2 		2011-10-12 06:13:15 -07:00