Commit Graph

534 Commits

Author SHA1 Message Date
Tom Eastep
b7ab82dba4 Implement -f option in the -lite products' start command
- Remove 'recover' command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 10:42:39 -07:00
Tom Eastep
3454e10525 Add SAVE_COUNTERS option.
- Also implement recover command

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-30 08:57:56 -07:00
Tom Eastep
54461a9a90 Correct indentation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-20 12:29:45 -07:00
Tom Eastep
e3b10343a5 Change SYSTEMDDIR to SERVICEDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-13 11:56:26 -07:00
Tom Eastep
a5086f785f Avoid confusing output when 4.6.4 CLI executes a 'save'
- If a down-rev firewall is running, the savesets command produces
  confusing usage output

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-10 18:40:55 -07:00
Tom Eastep
815e93e80c Rename SYSTEMD to SYSTEMDDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-10-07 16:46:16 -07:00
Tom Eastep
4071b9d337 Update SuSE shorewallrc for SBINDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-30 16:16:33 -07:00
Tom Eastep
3858683e94 Allow saving a specified list of ipsets
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-28 11:19:41 -07:00
Tom Eastep
4495ed687b Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code 2014-09-23 07:10:46 -07:00
Tuomo Soini
8f05d0f16d install.sh: support install on centos7 and foobar7
Signed-off-by: Tuomo Soini <tis@foobar.fi>
2014-09-23 13:19:09 +03:00
Tom Eastep
f9d98b74a2 Merge branch '4.6.2' into 4.6.3
Conflicts:
	Shorewall/Perl/Shorewall/Providers.pm

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-16 08:09:20 -07:00
Tom Eastep
fc58dab66d Remove redundant 'run' command from help output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-09-02 12:57:04 -07:00
Tom Eastep
bf5be7198b Make dump work correctly on RHEL5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-08-12 16:18:42 -07:00
Tom Eastep
0bf80c15d8 Detect missing <commmand> in the generated scrip
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 11:35:32 -07:00
Tom Eastep
4e9a0b989d Update 'run' help text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:46:28 -07:00
Tom Eastep
31e5aeeaea Refine the 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-29 10:30:07 -07:00
Tom Eastep
a7b18ca875 Implement 'run' command
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-28 07:04:56 -07:00
Tom Eastep
cc935009ce Correct install problems under Cygwin
- configure.pl doesn't understand CYGWIN return from uname
- shorewall-core install.sh doesn't understand CYGWIN return from uname
- shorewall install.sh generates 'mkdir -p //etc/shorewall' which is
  broken under Cygwin

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-07-09 10:48:03 -07:00
Tom Eastep
50736fb8ae Correct last patch (s/-i/-x/)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 15:38:11 -07:00
Tom Eastep
a2e514c0ab Add the -i option to the 'show bl' help text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 15:35:49 -07:00
Tom Eastep
6ad9b95351 Implement 'show bl'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 13:27:25 -07:00
Tom Eastep
ac4bf15606 Implement 'status -i'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-06-18 11:07:37 -07:00
Tom Eastep
e64a7feda2 Make 'show filters' work with Simple TC
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-25 12:30:12 -07:00
Tom Eastep
d49d352d77 Improve the output of 'shorewall[6] show filters'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-23 09:26:12 -07:00
Tom Eastep
966926fac5 RHE7 support -- first cut
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-05-19 15:15:52 -07:00
Tom Eastep
3311bbd73a Merge branch '4.5.21' 2014-03-27 10:53:16 -07:00
Tom Eastep
9107259a56 Correct reporting of the REAP_OPTION capability.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-27 10:52:40 -07:00
Tom Eastep
8f36c080d0 Streamline the output of the status comment
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-03-27 10:44:08 -07:00
Tom Eastep
669d15e2cf Implement the -t update option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-15 09:36:13 -08:00
Tom Eastep
f140a8e7e2 Detect EMATCH in the CLI
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-02-03 12:03:22 -08:00
Tom Eastep
4daee95902 Merge branch '4.5.21' 2014-01-30 13:19:26 -08:00
Tom Eastep
245c64478c Correct 'add/delete' with a VLAN interface.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-30 13:18:05 -08:00
Tom Eastep
d44bc12df3 Merge branch '4.5.21' 2014-01-15 19:25:23 -08:00
Tom Eastep
6223bdd8e1 Add -m to the dump options in help output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-15 19:25:07 -08:00
Tom Eastep
dec088566b Merge branch '4.5.21' 2014-01-15 17:39:03 -08:00
Tom Eastep
6d8cadd152 Correct issues in the 'dump' command.
- the -x and -l options do nothing
- output of 'help' doesn't describe those options

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-15 17:38:39 -08:00
Tom Eastep
42dd8dfee9 Change license to GPLv2+ and update copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-04 09:48:27 -08:00
Tom Eastep
1771bb75cf Finish ipset match option implementation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2014-01-02 14:43:55 -08:00
Tom Eastep
dd38cdc0f0 Merge branch '4.5.21' 2013-12-18 07:16:12 -08:00
Tom Eastep
a5e8bc6298 Apply Luigi's small fix for IPSET=
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-18 07:15:24 -08:00
Tom Eastep
6d72cb3138 Correct update inline
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-15 09:32:09 -08:00
Tom Eastep
9abe60bc27 Implement the -i option of upgrade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-12-14 17:54:10 -08:00
Tom Eastep
bcb2573918 Don't try to get firewall version if not root
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-14 07:51:07 -07:00
Tom Eastep
66c2fca2b0 Eradicate the use of 'fgrep'
- Busybox on Leaf Bering does not have fgrep

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-14 07:15:08 -07:00
Tom Eastep
b6c3d9cae1 Avoid error message during initial install
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-09 14:06:41 -07:00
Tom Eastep
20946f0711 Add Ubuntu support to configure
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-09 07:14:55 -07:00
Tom Eastep
faeea3bd8a Add Ubuntu support to Shorewall-core installer.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-09 07:05:06 -07:00
Tom Eastep
75f5d97657 Enhance 'shorewall capabilities' output for REAP_OPTION
Include 'REAP_OPTION' in parentheses.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-08 12:53:53 -07:00
Tom Eastep
8c4bbf0c85 Implement REAP_OPTION capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-10-07 07:54:52 -07:00
Tom Eastep
9c30105fff Display compiler version in the status and 'version -a' commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-30 15:59:42 -07:00
Tom Eastep
4524281163 Apply Thomas D's Gentoo support patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 08:22:52 -07:00
Tom Eastep
df028e420c Use 'ip neigh ls' when 'arp' isn't installed.
- From Martin Gignac

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 08:10:36 -07:00
Tom Eastep
ff634ac776 Use 'ss' rather than 'ss' in the 'dump' command.
- From Martin Gignac

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-17 06:55:04 -07:00
Tom Eastep
e46e059b87 Specify SYSCONFFILE for SuSE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-10 08:04:36 -07:00
Tom Eastep
50411e638c Report the name of the SysV init file installed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-09-09 08:11:45 -07:00
Tom Eastep
39e348997f Add SERVICEFILE variable to shoreallrc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-18 14:27:26 -07:00
Tom Eastep
32763e998b Make -v work with the status command
- Also document exit status

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-13 06:52:46 -07:00
Tom Eastep
84e0c98c88 Remove debugging statement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-10 06:54:43 -07:00
Tom Eastep
5f63183247 More fixes to the configure script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 18:35:32 -07:00
Tom Eastep
189b81cd49 Correct more typos
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 16:56:48 -07:00
Tom Eastep
2f25584dee Correct another typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 16:50:43 -07:00
Tom Eastep
d127c90924 Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-09 16:50:30 -07:00
Tom Eastep
fc5c92cabc Use /etc/os-release to determine build host
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-08 17:44:40 -07:00
Tom Eastep
a10aea280b Add some abbreviations for common commands
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-08-06 07:05:47 -07:00
Tom Eastep
5ba8df81fb Further improve readability of the show event[s] commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-13 09:08:50 -07:00
Tom Eastep
51d5ec6b2b Make the output of 'show event[2] understandable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 16:07:22 -07:00
Tom Eastep
5c7500e13e Display the current time as an integer in 'show event[s]' output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:46:08 -07:00
Tom Eastep
09240da55a Change the external name of MARK_ANYWHERE to 'Mark in the filter table'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 09:45:20 -07:00
Tom Eastep
89f16bdb37 Include a current time event in /proc/net/xt_recent/
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-12 07:14:22 -07:00
Tom Eastep
f99e20ee19 Allow 'show event[s]'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-11 19:21:56 -07:00
Tom Eastep
b639a18eb9 Simplify fix for -q
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-03 08:16:27 -07:00
Tom Eastep
3e1ed30f4e Make initial progress message obey VERBOSITY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-07-02 14:23:27 -07:00
Tom Eastep
f6a55bbf05 Allow the '-V' option in the CLI programs.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-16 14:29:36 -07:00
Tom Eastep
c3901f1161 Release mutex on error.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-09 09:57:09 -07:00
Tom Eastep
3923092468 Take 2 on conditional compilation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-08 19:01:39 -07:00
Tom Eastep
56318e6cc8 Try to ensure that cp doesn't copy the firewall script to itself.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-05-06 09:22:16 -07:00
Tom Eastep
186f71fa96 Add NEW_TOS_MATCH capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-04-09 14:04:16 -07:00
Tom Eastep
b10218e773 Add a 'UDPLITE Port Redirection' capability.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 10:07:52 -07:00
Tom Eastep
e77ca971bd Avoid shell diagnostic in 'show capabilities' when no arptables installed
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:48:10 -07:00
Tom Eastep
8442477224 Add Enhanced Multi-port match capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-03-10 09:04:47 -07:00
Tom Eastep
418034579f Support IPv6 Masquerade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-27 09:25:26 -08:00
Tom Eastep
40865dce4d Correct 'not running' error message in enable/disable commands.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-23 16:32:17 -08:00
Tom Eastep
82f9ba8bb7 Correct detection of IPv6 PERSISTENT_SNAT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-23 12:59:38 -08:00
Tom Eastep
8ed6642387 Modify reload_command() and export_command() to directly call compiler()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-22 16:15:41 -08:00
Tom Eastep
bb5b6e42d6 Replace death sequences with calls to fatal_error()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-16 07:32:47 -08:00
Tom Eastep
430c69b8db Merge branch '4.5.13' 2013-02-15 18:23:45 -08:00
Tom Eastep
36db41457d Make 'version -a' work when not run by /sbin/shorewall.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-15 12:45:49 -08:00
Tom Eastep
138638cb1a Effectively use the specified directory as the CONFIG_PATH til .conf is read
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-13 07:45:24 -08:00
Evangelos Foutras
2d59f7e31a Tweak shorewallrc.archlinux configuration
Changes:

  - Remove reference to SysV init script
  - Define systemd system unit directory
  - Set SBINDIR to /usr/sbin
  - Unset BUILD; should be auto-detected

Signed-off-by: Evangelos Foutras <evangelos@foutrelis.com>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-02-01 10:13:48 -08:00
Tom Eastep
38657d9f98 Support for arptables.
Signed-off-by: Tom Eastep <teastep@mint14.(none)>
2013-01-04 09:17:57 -08:00
Tom Eastep
24c69f9efb Sort the output of 'show capabilities'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-21 11:09:18 -08:00
Tom Eastep
60012d1208 Add additional space for the OPTIONS column
- actions and actions.std problem

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-04 10:54:32 -08:00
Tom Eastep
8cbe26e32c Ignore 'inline' for certain actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-12-01 07:54:42 -08:00
Tom Eastep
6702bb1989 Revert condition initialization patch.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-30 07:31:29 -08:00
Tom Eastep
409c427134 Add support for future condition initial values.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-29 12:15:15 -08:00
Tom Eastep
5fcdfd779c Don't default IPSET to 'ipset'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-11-09 08:54:54 -08:00
Tom Eastep
d0e03bb03a Sort IPv6 routing tables.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-23 11:53:19 -07:00
Tom Eastep
0387b16983 Implement CHECKSUM action in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-22 15:42:13 -07:00
Tom Eastep
f24e194819 Don't display chains with no matched entries when -b
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-22 14:15:37 -07:00
Paul Gear
ca5a0f4b15 Fix option parsing for brief option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-20 07:11:40 -07:00
Paul Gear
baf42f2ac0 Add brief option to shorewall show
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-20 07:11:31 -07:00
Tom Eastep
30066062d1 Move SHOREWALL_CAPVERSION declaration to lib.cli
- Make 'shorwall' the default g_program in lib.cli
- Initialize g_tool in lib.cli for shorewall and shorewall6 to
  facilitate use of the library without reading shorewall[6].conf.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-19 07:12:49 -07:00
Tom Eastep
49acc84f05 Add URL to the "Log message doesn't exist" message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-13 11:16:59 -07:00
Tom Eastep
47de98ff44 Rename crvsn -> vlsm in sort_routes()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-13 09:58:34 -07:00
Tom Eastep
2a175c627e Merge branch '4.5.8' 2012-10-09 16:54:22 -07:00
Tom Eastep
4bb86d8126 Correct typo in shorewallrc.default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-09 16:53:49 -07:00
Tom Eastep
1df48b46ef Enable 'show dynamic' for dynamic zones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-07 08:36:28 -07:00
Tom Eastep
8c97681421 Merge branch '4.5.8'
Conflicts:
	Shorewall-core/lib.cli
2012-10-07 08:24:04 -07:00
Tom Eastep
431309678a Enable dynamic zones to work with all ipset versions
- Re-add lost logic from 4.5.8.1 fix.
- create separate variables for add/delete and LIST

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-07 08:10:57 -07:00
Tom Eastep
7ca1a43118 Fix 'show dynamic'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-07 07:15:43 -07:00
Tom Eastep
8091ad6c70 Modify lib.cli to run the 'add' and 'delete' to allow the zone name to come first
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-06 09:22:14 -07:00
Tom Eastep
c12985b75b Correct typo in error message.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 07:17:39 -07:00
Tom Eastep
22c3766b47 Correct typo in error message.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 07:17:03 -07:00
Tom Eastep
92d39dc56d Expunge the g_perllib variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:59:39 -07:00
Tom Eastep
a8e9296473 Expunge the g_sbindir variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:55:48 -07:00
Tom Eastep
749e239d15 Expunge the g_libexec variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:51:36 -07:00
Tom Eastep
526ad75c49 Expunge the g_vardir variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-10-01 06:44:52 -07:00
Tom Eastep
a12f1f9fbb Always set IPSET in get_config()
- Previously, lib.cli-std set the variable but lib.cli did not.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-30 11:36:40 -07:00
Tom Eastep
d1bf727127 Allow dynamic zones to work with ipset V5
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-30 08:52:56 -07:00
Tom Eastep
cd2205a325 Upgrade down-rev rc file during install
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-15 08:09:37 -07:00
Tom Eastep
664dc0b71e Another case of incorrect quoting.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-14 08:20:54 -07:00
Tom Eastep
e9b0e2f912 Revert "Improve handling of mutex contention when 'lockfile' is installed."
This reverts commit 2f56caf8fd.

The change only worked on very recent distributions.
2012-09-12 10:03:09 -07:00
Tom Eastep
2f56caf8fd Improve handling of mutex contention when 'lockfile' is installed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-12 07:18:26 -07:00
Tom Eastep
5645d66719 Add VARDIR to the shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-03 10:52:40 -07:00
Tom Eastep
b922177769 Handle missing VARDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 15:51:35 -07:00
Tom Eastep
e66d9e3418 Rename VARDIR to VARLIB in shorewallrc
- Done so that existing shorewallrc files are still valid.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-02 14:36:11 -07:00
Tom Eastep
092c2ef8f7 No longer process the local shorewall.conf when compiling from a directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-09-01 08:21:45 -07:00
Togan Muftuoglu
1a324fa37f Suse specific patches
Hi Tom,

I have been patching shorewall packages for the opensuse releases, but I
guess it is better to send them to you . the upstream so it gets
incorporated into shorewall itself and I do not have to patch it ;)

I believe I have incorparted most of my patches in to this one. If you
can review them and if appropriate apply them that would be great

Thanks

Togan

>From 6072c08de753e7d1cc31bb758295dee198197e41 Mon Sep 17 00:00:00 2001
From: Togan Muftuoglu <toganm@opensuse.org>
Date: Fri, 24 Aug 2012 13:17:12 +0200
Subject: [PATCH] suse-specific

Signed-off-by: Togan Muftuoglu <toganm@opensuse.org>
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-25 08:45:57 -07:00
Tom Eastep
b45d15eec6 Revert "Apply Togan Muftuoglu's SuSE-specific init patches"
This reverts commit 2412998b57.
2012-08-25 08:45:18 -07:00
Tom Eastep
2412998b57 Apply Togan Muftuoglu's SuSE-specific init patches
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-24 06:32:30 -07:00
Tom Eastep
0f7d96a5ec Move routing output closer to the IP output in 'dump'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-23 12:23:21 -07:00
Tom Eastep
e4830f6342 Compensate for silly RHEL bug
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-19 06:43:25 -07:00
Tom Eastep
c007f847a0 Handle disabled helpers in pre-3.5 kernels.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-06 15:54:45 -07:00
Tom Eastep
49fb2799e9 Correct detection of 'netbios-ns' in the CLIs.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-05 08:07:19 -07:00
Tom Eastep
6c97e13107 Use -j CT for helper detection, when available
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-04 11:36:03 -07:00
Tom Eastep
72307df6d2 Replace the AUTOHELPERS option with the HELPERS option.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-03 10:53:20 -07:00
Tom Eastep
9ceff3c213 Display KERNELVERSION and CAPVERSION in 'show capabilities'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 17:38:41 -07:00
Tom Eastep
21770a89d6 Detect which matches are available.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-08-02 15:38:23 -07:00
Tom Eastep
917e2980a4 Correct error message generation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-30 09:22:43 -07:00
Tom Eastep
c8ea03bf8c Update help text
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-30 07:23:53 -07:00
Tom Eastep
735b7c2cf5 Add support for nfacct
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-28 11:21:16 -07:00
Tom Eastep
87c0f934aa Add NFacct Match capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-28 08:19:05 -07:00
Tom Eastep
e7cd84a72c Implement rpfilter match capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-07-15 07:54:46 -07:00
Tom Eastep
9c486e62e5 Correct handling of SYSCONFDIR
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-09 06:26:03 -07:00
Tom Eastep
49d361e44f Correct another problem with the Shorewall-core installer
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-06 11:25:58 -07:00
Tom Eastep
312efe5c7b Use enable/disable for up and down of provider interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-06-01 11:27:57 -07:00
Tom Eastep
885830b67c Correct configure and configure.pl to output SPARSE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 12:27:16 -07:00
Tom Eastep
ac2ed505bb Add GeoIP support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-14 17:12:46 -07:00
Tom Eastep
9efb60c53a Move init.slackware.firewall.sh to Shorewall-core
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-27 16:15:04 -07:00
Tom Eastep
e0570cc35e Install fixes for Slackware
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-27 07:16:11 -07:00
Tom Eastep
d904a2de86 Search and destroy trailing whitespace
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 14:52:57 -07:00
Tom Eastep
8211c5de35 Add a comment about 'find_tables()'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-24 09:15:29 -07:00
Tom Eastep
a50bb407aa Patch from Roberto
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-21 17:51:54 -07:00
Tom Eastep
3a967d66cf Fix configure
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-16 12:57:34 -07:00
Tom Eastep
9d219445d9 Make 'show routing work with iproute 20111117
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-16 11:40:36 -07:00
Tom Eastep
1462fcd351 Synchronize global settings
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-15 09:43:41 -07:00
Tom Eastep
baa1a2983b Fix redhat PERLLIBDIR.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-14 11:38:13 -07:00
Tom Eastep
1477d60926 Correct the output of 'version -a'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-12 18:58:06 -07:00
Tom Eastep
32264c2e7e Make arguments to the configure script optional
- Scripts detects vendor
- Scripts Annotate the shorewallrc file with version and argument info
- configure detects BASH version
2012-04-12 14:43:02 -07:00
Tom Eastep
1f2ac17091 Remove blank line in shorewallrc.suse
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-12 07:03:41 -07:00
Tom Eastep
06588c2e4a Fix configure.pl
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-12 07:03:32 -07:00
Tom Eastep
3c09368032 Make changes suggested by Orion Poplawski
- Change shorewallrc.redhat LIBEXECDIR and PERLLIBDIR settings
- Install -lite Makefiles in ${SHAREDIR}/${PRODUCT}/

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 15:41:21 -07:00
Tom Eastep
4fa71d122c Add comments to shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 15:23:19 -07:00
Tom Eastep
8b7d60065e Clean up configure.pl
- Remove blank lines at the end
- Simply the handling of vendor

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-11 08:05:52 -07:00
Tom Eastep
76de9bf1fa Add Perl version of configure for use in rpm builds
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-10 10:20:53 -07:00
Tom Eastep
6fb2fcbc8a Update base library version
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-05 08:03:10 -07:00
Tom Eastep
319d07b1d3 Remove more absolute path names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-04 09:24:48 -07:00
Tom Eastep
38b6dca223 Correct a number of issues with Shorewall-lite
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-04 07:08:02 -07:00
Tom Eastep
fb428bf564 Don't modify CONFDIR and SHAREDIR in the shell code
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-02 12:39:49 -07:00
Tom Eastep
a11e2dd452 Correct uninstall scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-02 06:48:23 -07:00
Tom Eastep
bb6e17fd3e Many changes involved in getting a relocated installations to work
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-04-01 10:47:24 -07:00
Tom Eastep
e48e13012c Fix up lib.base during installation
- Shorewall-core installer creates all necessary directories.
2012-04-01 08:16:07 -07:00
Tom Eastep
02a68aa436 Look for ./shorewallrc first
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-31 17:40:18 -07:00
Tom Eastep
766370e22a More work on installers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-31 14:42:01 -07:00
Tom Eastep
9ca82d8bf6 More relocation bugs fixed
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-30 15:22:06 -07:00
Tom Eastep
6a2f907ee1 Append product name to ${vardir}
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-30 15:01:34 -07:00
Tom Eastep
7c0a0d81f8 Correct include of lib.base from lib.cli
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-30 14:49:10 -07:00
Tom Eastep
15335f8615 Modify CLIs and libs to know where shorewallrc is.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-30 12:02:25 -07:00
Tom Eastep
4c2cdd5a07 Redeclare pn
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-29 19:05:17 -07:00
Tom Eastep
8a695b4073 Correct syntax error in configure
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-29 18:53:21 -07:00
Tom Eastep
74ca7b5269 Correct syntax error in configure
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-29 18:50:53 -07:00
Tom Eastep
82e7bc707d Correct syntax error in configure
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-29 18:22:11 -07:00
Tom Eastep
c4afe0922e Update shorewallrc.suse per Togan Muftuoglu
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-29 08:38:52 -07:00
Tom Eastep
279fbe4543 Add additional param mapping and eliminate syntax error in configure script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-29 07:40:15 -07:00
Tom Eastep
2d841269ee Remove 'local file'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-28 17:01:56 -07:00
Tom Eastep
9713fe358b Add aliases for certain parameters.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-28 17:01:43 -07:00
Tom Eastep
416f854311 Rename vendor -> host
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-28 06:13:10 -07:00
Tom Eastep
62f37e6b23 Correct type on Shorewall-core install script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-27 20:30:26 -07:00
Tom Eastep
c2fa5ae78f Correct typo in install.sh files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-27 20:19:06 -07:00
Tom Eastep
7ded1df94b Add a configure script
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-27 14:33:49 -07:00
Tom Eastep
e1e4855211 Rename USR to PREFIX
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-27 07:47:22 -07:00
Tom Eastep
f2311f1987 Update install scripts to look for .shorewallrc in many places
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 17:01:55 -07:00
Tom Eastep
b31f656d63 Update uninstall scripts for multiple .shorewallrc locations.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 16:19:40 -07:00
Tom Eastep
e641bf7ac2 Correct typo
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 16:01:35 -07:00
Tom Eastep
7b9c1d43cd Look in additional places for .shorewallrc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-26 15:00:43 -07:00
Tom Eastep
dee20c8d74 Add OWNER_NAME_MATCH to do_user
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-25 20:18:20 -07:00
Tom Eastep
25e7555e80 Correct typo in the compiler 2012-03-25 12:36:25 -07:00
Tom Eastep
74c7760d9d Correct typo in shorewallrc.suse
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-25 08:30:30 -07:00
Tom Eastep
8a18dac870 Installer tweaks
- Give instructions when Shorewall-core installer finds no rc file
- Update help

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-25 07:49:52 -07:00
Tom Eastep
294babcfbb Add USR to the rc files for easier modification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-25 07:20:40 -07:00
Tom Eastep
217d5e636c Add BLACKLIST Macro
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 19:29:27 -07:00
Tom Eastep
eb118e4443 Add shorewallrc files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-24 13:05:39 -07:00
Tom Eastep
0063de1564 Add capabilities to conditionals
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-19 11:57:33 -07:00
Tom Eastep
72e6330ff4 Revert "Add capabilities to ?IF conditionals"
This reverts commit 0d71c590e4.
2012-03-19 07:20:31 -07:00
Tom Eastep
0d71c590e4 Add capabilities to ?IF conditionals
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-03-18 08:48:26 -07:00
Tom Eastep
fc12125223 Include Shorewall status in the heading of the dump output
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-26 16:14:43 -08:00
Tom Eastep
c252005e25 Add support for packager's config file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-23 10:07:02 -08:00
Tom Eastep
09ad6bba1a Fix Shorewall-core installer
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-22 15:59:28 -08:00
Tom Eastep
a6afac0f3c Use standard rpm macros
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-22 13:32:10 -08:00
Tom Eastep
f6cc44eb6b Rename HOST -> TARGET and BUILD -> HOST
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-21 13:00:09 -08:00
Tom Eastep
ed9e03b095 Correct FEDORA/REDHAT fiasco
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 16:11:28 -08:00
Tom Eastep
3180e13719 Require LIBEXEC and LIBPERL to be absolute path names
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 12:04:00 -08:00
Tom Eastep
9869b4c068 Rename environmental variables:
INSTALLSYS => BUILD
TARGET     => HOST

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 10:12:52 -08:00
Tom Eastep
8c981e0464 Cleanup of install scripts based on feedback from Mr. Dash4
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 10:08:42 -08:00
Tom Eastep
a1ec1dc178 Add DSCP match support
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-20 08:47:48 -08:00
Tom Eastep
59950a7242 Add new install methodology to Shorewall-core
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-18 08:19:39 -08:00
Tom Eastep
29fcb9b08f Apply Simon Mater's patch for LIBEXEC/PERLLIB
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-13 12:57:07 -08:00
Tom Eastep
0c1beb50ae Add 'IMQ Target' capability to tcrules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-02-02 12:54:00 -08:00
Tom Eastep
81a96e689b Correct syntax error in lib.cli
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-29 16:50:32 -08:00
Tom Eastep
66b976a934 Eliminate g_base variable
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-21 05:49:51 -08:00
Tom Eastep
aeac7cacb0 Make shorewall-init work again.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-20 09:10:13 -08:00
Tom Eastep
b7235cebb0 Sort IPv4 routing tables in 'show routing'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-20 07:08:02 -08:00
Tom Eastep
93bd0b59a8 Load lib.base from lib.cli
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-14 14:17:06 -08:00
Tom Eastep
531474592c Correct handling of '-p'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-13 15:42:20 -08:00
Tom Eastep
e4e11ad5f1 Correct iptablesbug() to handle -g
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-09 06:50:12 -08:00
Tom Eastep
aab9fb1d8e Work around 'echo' commands in /etc/shorewall[6]/params
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-07 07:55:55 -08:00
Tom Eastep
252bba215e Move lib.core from Shorewall-core to Shorewall
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-05 11:30:36 -08:00
Tom Eastep
46d8adcfe9 Add STATISTIC_MATCH capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-04 15:46:01 -08:00
Tom Eastep
84dc26b82c Create lib.core
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-03 13:06:00 -08:00
Tom Eastep
7d756f51ac More unification of prog.header and prog.header6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-03 08:39:18 -08:00
Tom Eastep
018ba394e3 Move common code from prog.header[6] to lib.common 2012-01-02 14:13:19 -08:00
Tom Eastep
a39f4699dc Update versions and copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-02 07:43:13 -08:00
Tom Eastep
ad994438cb Correct 'debug' and 'trace' of lite start/restart
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-01 21:16:16 -08:00
Tom Eastep
48a59e032e Add Shorewall-common
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-01-01 20:30:09 -08:00