teastep
20d3f6afdc
Error with ESTABLISHED/RELATED rules and FASTACCEPT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-02-01 23:05:32 +00:00
teastep
bb7bf55a77
Fix typo in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-31 16:24:23 +00:00
teastep
c137f1992a
Rename VERBOSE to VERBOSITY
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3373 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-24 17:44:19 +00:00
teastep
33cc957521
Repair -v brain damage
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3371 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-24 16:10:41 +00:00
teastep
cf8344b26d
Allow default verbosity to be set in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-23 17:48:15 +00:00
teastep
248b26a7d8
Re-add dynamic zone capability
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3264 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2006-01-11 23:30:33 +00:00
teastep
1cb2d888e8
Remove dynamic zone capability from development branch
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3196 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-24 21:23:10 +00:00
teastep
98f828f1c9
Console-friendly shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3163 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-14 16:18:38 +00:00
teastep
1ed05f0fef
Change CLEAR_TC default to 'Yes'
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-10 20:11:07 +00:00
teastep
3d0ec74fde
Clarifications and minor documentation corrections
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3108 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-01 22:27:18 +00:00
teastep
ee433d350d
Add upgrade warning to shorewall.conf -- Take 2
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3105 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-01 21:26:41 +00:00
teastep
d395e177a1
Add upgrade warning to shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3104 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-12-01 21:11:23 +00:00
teastep
577389464f
Improve bridging instructions in config file comments
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3090 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-11-28 15:26:06 +00:00
teastep
532bb3df5e
Typo in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2874 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-13 18:12:55 +00:00
teastep
2fc9e1590e
Clean up MACLIST_TABLE mess in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2873 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-13 18:11:48 +00:00
teastep
7d97b536a6
Move MACLIST_TABLE to correct section of shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2850 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-11 16:49:13 +00:00
teastep
f7e2332fd3
Correct spelling of MACLIST_TABLE in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2847 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-10 21:29:24 +00:00
teastep
1af4d541a0
Add TC_ENABLED=Internal
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2836 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-09 15:47:47 +00:00
teastep
d680528283
Replace TC_ENABLED with TC_SCRIPT
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2829 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-07 22:16:03 +00:00
teastep
a510a70124
Incomplete implementation of MACLIST_TABLE
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2815 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-06 20:01:51 +00:00
teastep
7870f16cb7
Bring tc4shorewall code into the firewall script
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2806 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-05 22:51:29 +00:00
teastep
a66d94d609
Fixes for IPP2P -- fix 'shorewall flush' and multi-ISP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2801 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-05 16:45:50 +00:00
teastep
340053a6bc
Require MARK_IN_FORWARD_CHAIN=Yes for multi-ISP
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2792 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-04 17:40:09 +00:00
teastep
2b6a9bb843
Deimplement original 'netnotsyn' handling
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2766 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-10-01 15:55:41 +00:00
teastep
3daf8076ff
Add warning about side effects of ADD_SNAT_ALIASES and ADD_IP_ALIASES
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2749 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-29 15:37:15 +00:00
teastep
f6875e9da7
Alchemy -- zone file style
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2623 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-09-02 20:46:53 +00:00
teastep
738b45ad9e
Update the version number to 3.0 in all files
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-31 15:27:22 +00:00
teastep
370d61970a
Add FASTACCEPT option to accept ESTABLISHED/RELATED packets early
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-11 19:53:07 +00:00
teastep
ac1983a5da
Large cleanup patch from Tuomo Soini
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2449 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-08-02 16:46:30 +00:00
teastep
0a03598d11
Correct anachronistic reference in /etc/shorewall/shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2436 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-31 16:26:55 +00:00
teastep
b66929a65e
Large merge of function from EXPERIMENTAL to HEAD.
...
1) Elimination of the "shorewall monitor" command.
2) The /etc/shorewall/ipsec and /etc/shorewall/zones file are combined into
a single /etc/shorewall/zones file. This is done in an upwardly-compatible
way so that current users can continue to use their existing files.
3) Support has been added for the arp_ignore interface option.
4) DROPINVALID has been removed from shorewall.conf. Behavior is as if
DROPINVALID=No was specified.
5) The 'nobogons' option and BOGON_LOG_LEVEL are removed.
6) Error and warning messages have been made easier to spot by using
capitalization (e.g., ERROR: and WARNING:).
7) The /etc/shorewall/policy file now contains a new connection policy and a
policy for ESTABLISHED packets. Useful for users of snort-inline who want to
pass all packets to the QUEUE target.
8) A new 'critical' option has been added to /etc/shorewall/routestopped.
Shorewall insures communication between the firewall and 'critical' hosts
throughout start, restart, stop and clear. Useful for diskless firewall's
with NFS-mounted file systems, LDAP servers, Crossbow, etc.
9) Macros. Macros are very similar to actions but are easier to use, allow
parameter substitution and are more efficient. Almost all of the standard
actions have been converted to macros in the EXPERIMENTAL branch.
10) The default value of ADD_IP_ALIASES in shorewall.conf is changed to No.
11) If you have 'make' installed on your firewall, then when you use
the '-f' option to 'shorewall start' (as happens when you reboot),
if your /etc/shorewall/ directory contains files that were modified
after Shorewall was last restarted then Shorewall is started using
the config files rather than using the saved configuration.
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2409 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-25 23:08:09 +00:00
teastep
b0e6e3a893
Given the large number of people shooting themselves in the foot with
...
poorly-written one-to-one NAT rules, I'm changing the shorewall.conf
file to set ADD_IP_ALIASES=No in shorewall.conf. Hopefully, this will
reduce the amount of whining about routing table modification during
"shorewall [re]start".
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-19 18:41:05 +00:00
teastep
318e204358
Re-implement MACLIST_TTL
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2358 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-17 22:08:15 +00:00
teastep
c6e3e84352
Disable MACLIST_TTL
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2356 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-17 16:52:21 +00:00
paulgear
2a19eb8a5a
Copy latest 2.4 version from Shorewall2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2264 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:55:29 +00:00
paulgear
90dd62e89e
Copy latest 2.2 version from STABLE2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2263 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 05:45:05 +00:00
paulgear
921a7223d4
Copy latest 2.0 code from STABLE2/
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2262 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-07-09 04:45:32 +00:00
teastep
5338cb48b0
Minor updates for 1.4.9
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1070 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-01-09 20:18:40 +00:00
teastep
795c791669
Remove backquotes from commands in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@812 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-08 18:42:25 +00:00
teastep
5466a7f35b
Add MODULE_SUFFIX option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@799 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-01 18:37:41 +00:00
teastep
baa82a4697
Add MODULE_SUFFIX option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@798 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-12-01 18:30:28 +00:00
teastep
f9c596a465
Reword desciption of NEWNOTSYN
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@793 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-11-28 17:39:53 +00:00
teastep
f046ea3ab1
Fix route filtering
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@782 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-30 15:42:45 +00:00
teastep
ee51d49233
Correct Debian lockfile usage comment in shorewall.conf
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@781 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-27 22:36:22 +00:00
teastep
67ad01a56f
Added BLACKLISTNEWONLY
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@765 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-10-11 16:06:00 +00:00
teastep
3d9d913b4b
1.4.6_2003-731 plus idiot-proofing of the policy file
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@682 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-08-01 02:49:12 +00:00
teastep
4c08cc4780
ADMINISABSENTMINDED Option
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@681 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-07-29 23:04:04 +00:00
teastep
fc1cc9b0eb
Fix capability report -- Simon Matter
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@622 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-30 14:21:42 +00:00
teastep
06e38b587d
SHOREWALL_SHELL parameter
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@621 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-28 15:22:22 +00:00
teastep
7a2cad4d07
Add Conntrack Match Capability
...
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@618 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2003-06-27 21:02:52 +00:00