holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add 'IU' state in secmarks

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-11-25 08:10:53 -08:00
parent 748d532175
commit dbfc805707
3 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -2222,6 +2222,7 @@ sub process_secmark_rule() {
my %state = ( N => 'NEW' , my %state = ( N => 'NEW' ,
I => 'INVALID', I => 'INVALID',
U => 'UNTRACKED', U => 'UNTRACKED',
IU => 'INVALID,UNTRACKED',
NI => 'NEW,INVALID', NI => 'NEW,INVALID',
NU => 'NEW,UNTRACKED', NU => 'NEW,UNTRACKED',
NIU => 'NEW,INVALID,UNTRACKED', NIU => 'NEW,INVALID,UNTRACKED',

4
Shorewall/manpages/shorewall-secmarks.xml
View File

@ -92,7 +92,7 @@
<varlistentry> <varlistentry>
<term><emphasis role="bold">CHAIN:STATE (chain) - <term><emphasis role="bold">CHAIN:STATE (chain) -
{P|I|F|O|T}[:{N|I|U|NI|NU|NIU|NUI:E|ER}]</emphasis></term> {P|I|F|O|T}[:{N|I|U|IU|NI|NU|NIU|NUI:E|ER}]</emphasis></term>
<listitem> <listitem>
<para>This column determines the CHAIN where the SElinux context is <para>This column determines the CHAIN where the SElinux context is
@ -132,6 +132,8 @@
<simplelist> <simplelist>
<member>:U - UNTRACKED connection</member> <member>:U - UNTRACKED connection</member>
<member>:IU - INVALID or UNTRACKED connection</member>
<member>:NU - NEW or UNTRACKED connection</member> <member>:NU - NEW or UNTRACKED connection</member>
<member>:NIU - NEW, INVALID or UNTRACKED connection.</member> <member>:NIU - NEW, INVALID or UNTRACKED connection.</member>

11
Shorewall6/manpages/shorewall6-secmarks.xml
View File

@ -91,10 +91,13 @@
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term><emphasis role="bold">CHAIN - <term><emphasis role="bold">CHAIN:STATE (chain) -
{P|I|F|O|T}[:{N|I|NI|E|ER}]</emphasis></term> {P|I|F|O|T}[:{N|I|U|IU|NI|NU|NIU|NUI:E|ER}]</emphasis></term>
<listitem> <listitem>
<para>This column determines the CHAIN where the SElinux context is
to be applied:</para>
<simplelist> <simplelist>
<member>P - PREROUTING</member> <member>P - PREROUTING</member>
@ -116,7 +119,7 @@
<member>:I - INVALID connection</member> <member>:I - INVALID connection</member>
<member>:NI - New or INVALID connection</member> <member>:NI - NEW or INVALID connection</member>
<member>:E - ESTABLISHED connection</member> <member>:E - ESTABLISHED connection</member>
@ -129,6 +132,8 @@
<simplelist> <simplelist>
<member>:U - UNTRACKED connection</member> <member>:U - UNTRACKED connection</member>
<member>:IU - INVALID or UNTRACKED connection</member>
<member>:NU - NEW or UNTRACKED connection</member> <member>:NU - NEW or UNTRACKED connection</member>
<member>:NIU - NEW, INVALID or UNTRACKED connection.</member> <member>:NIU - NEW, INVALID or UNTRACKED connection.</member>