Tom Eastep
|
7e6fc3229d
|
Correct handling of default chain when a mark range is specified.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-07 13:15:51 -08:00 |
|
Tom Eastep
|
42dd8dfee9
|
Change license to GPLv2+ and update copyrights
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-04 09:48:27 -08:00 |
|
Tom Eastep
|
5a7e458104
|
Backout ematch stuff for now
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-03 12:01:56 -08:00 |
|
Tom Eastep
|
7e1a310929
|
Implement ipset matches in tcfilters
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-03 09:35:34 -08:00 |
|
Tom Eastep
|
78ecf9bdc8
|
Finish up ipset extensions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-03 09:23:14 -08:00 |
|
Tom Eastep
|
1771bb75cf
|
Finish ipset match option implementation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-02 14:43:55 -08:00 |
|
Tom Eastep
|
b4847d6a01
|
New IPSET MATCH extensions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-02 09:36:35 -08:00 |
|
Tom Eastep
|
48ceed9ecb
|
Make tcpflags the default.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-01 15:10:38 -08:00 |
|
Tom Eastep
|
1083dd8c26
|
Allow ?COMMENT in the mangle file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-01 08:02:17 -08:00 |
|
Tom Eastep
|
5e7cd855c2
|
Correct typo in Tc.pm
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-01 07:53:38 -08:00 |
|
Tom Eastep
|
623bdd2ff1
|
Manpage corrections.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-01 07:41:28 -08:00 |
|
Tom Eastep
|
b61ee2d75e
|
Manpage updates for IP[6]TABLES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-01 07:18:54 -08:00 |
|
Tom Eastep
|
2c2aaf262c
|
Add IP[6]TABLES support for the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-01 07:18:36 -08:00 |
|
Tom Eastep
|
6c990a7253
|
Logically OR builtin definitions from the actions file if the builtin exists
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-01 07:18:00 -08:00 |
|
Tom Eastep
|
f7bbac6ea8
|
Make tcrules/mangle similar to notrack/conntrack.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2014-01-01 07:15:56 -08:00 |
|
Tom Eastep
|
4c1b83beef
|
Tweaks to the Tc.pm module.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-31 11:42:38 -08:00 |
|
Tom Eastep
|
ac6a506e35
|
Allow logging from the RAW table
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-31 11:04:43 -08:00 |
|
Tom Eastep
|
11e61ec6e5
|
Add chain information to the builtin_target table.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-31 08:22:58 -08:00 |
|
Tom Eastep
|
5985a6e9b3
|
Implement IP[6]TABLES in the rules files.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-29 13:46:58 -08:00 |
|
Tom Eastep
|
4cc5ee6b73
|
Document IP[6]TABLES in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-29 10:13:38 -08:00 |
|
Tom Eastep
|
66a04e4819
|
Allow inline matches with IP[6]TABLES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-29 10:13:00 -08:00 |
|
Tom Eastep
|
1634267faa
|
Rename JUMP to IP[6]TABLES.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-29 10:12:33 -08:00 |
|
Tom Eastep
|
c8866ef8bf
|
Correct handling of columns with embedded spaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-29 08:56:14 -08:00 |
|
Tom Eastep
|
8f6f0c94a4
|
Replace tcrules with mangle in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-28 15:35:08 -08:00 |
|
Tom Eastep
|
6fe06c82c8
|
More switch from tcrules to mangle
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-28 15:24:05 -08:00 |
|
Tom Eastep
|
543446f8d7
|
Integrate tcrules and mangle processing.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-28 14:24:36 -08:00 |
|
Tom Eastep
|
a1222d10cb
|
change 'marks' file to 'mangle'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-28 10:03:23 -08:00 |
|
Tom Eastep
|
3dba1f5bee
|
Tested version of the marks file handler
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-27 12:38:22 -08:00 |
|
Tom Eastep
|
3960aaee4c
|
Consolidate declarations in process_mark_rule().
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-24 09:49:10 -08:00 |
|
Tom Eastep
|
5419109880
|
Correct syntax errors in new mars handling
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-24 09:04:54 -08:00 |
|
Tom Eastep
|
584b0ac50e
|
Some small tweaks to the marks file processing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-24 07:25:40 -08:00 |
|
Tom Eastep
|
1d84f27efe
|
Add shorewall-marks manpage
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-20 14:12:35 -08:00 |
|
Tom Eastep
|
4c840a05a0
|
Fix issue in the shorewall-tcrules and shorewall6-tcrules manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-19 16:24:50 -08:00 |
|
Tom Eastep
|
6323372ebd
|
Fix issue in the shorewall-tcrules and shorewall6-tcrules manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-19 16:23:32 -08:00 |
|
Tom Eastep
|
4c2cedb670
|
Add get_target_param1() that doesn't accept the <action>/<param> syntax
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-19 09:17:11 -08:00 |
|
Tom Eastep
|
f32a777099
|
Fix INLINE in tcrles
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-18 09:19:35 -08:00 |
|
Tom Eastep
|
cd5be38cfb
|
Eliminate silly extra loop in accounting processing.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-18 09:19:16 -08:00 |
|
Tom Eastep
|
2894bb9656
|
Move INLINE processing into the Chains module.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-16 12:31:35 -08:00 |
|
Tom Eastep
|
fad3b42bd3
|
Correct line split in the Accounting module
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-16 07:40:41 -08:00 |
|
Tom Eastep
|
4e4e7cac1d
|
Redefine the -i option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-15 11:23:20 -08:00 |
|
Tom Eastep
|
6d72cb3138
|
Correct update inline
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-15 09:32:09 -08:00 |
|
Tom Eastep
|
cb74b2d706
|
Document the -i update option in the manpages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-14 20:54:56 -08:00 |
|
Tom Eastep
|
9abe60bc27
|
Implement the -i option of upgrade
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-14 17:54:10 -08:00 |
|
Tom Eastep
|
33c5893bdb
|
Implement INLINE_MATCHES
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-14 13:35:01 -08:00 |
|
Tom Eastep
|
2bc329aa1d
|
Add INLINE support to the masq file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-13 15:44:16 -08:00 |
|
Tom Eastep
|
f22dfcaa75
|
Merge branch '4.5.21'
|
2013-12-08 09:02:44 -08:00 |
|
Tom Eastep
|
d71c2688dc
|
Clarify the need to quote/escaape settings with parentheses.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-08 09:02:25 -08:00 |
|
Tom Eastep
|
95abeaea24
|
Finish INLINE in the tcrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-01 09:25:32 -08:00 |
|
Tom Eastep
|
75258083e3
|
Cleanup of column splitting change.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-12-01 09:24:49 -08:00 |
|
Tom Eastep
|
bf44e514e3
|
Keep parentheses balanced when splitting a line.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-11-30 14:13:42 -08:00 |
|
Tom Eastep
|
e5d250750b
|
Correct handling of ?SECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-11-27 07:53:33 -08:00 |
|
Tom Eastep
|
d63262a0cb
|
change ZONE2ZONE default to '-'.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-11-24 08:16:28 -08:00 |
|
Tom Eastep
|
3870157898
|
Issue warning on bare SECTION headings.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-11-24 07:58:02 -08:00 |
|
Tom Eastep
|
80d54ec40b
|
Implement ?SECTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-11-18 06:57:54 -08:00 |
|
Tom Eastep
|
855cb6e7f4
|
Correct handling of HFSC classes with DMAX but no UMAX
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-11-16 08:07:23 -08:00 |
|
Tom Eastep
|
ea21d61f39
|
Correct Broadcast Actions
- Delete --dst-type BROADCAST from IPv6
- Suppress superfluous multicast rule
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-11-12 08:41:58 -08:00 |
|
Tom Eastep
|
3b5c1ad601
|
Remove anachronistic text from the tcinterfaces manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-11-10 08:19:16 -08:00 |
|
Tom Eastep
|
e14d92c5ac
|
Add DROP support in tcrules
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-11-04 10:50:11 -08:00 |
|
Tom Eastep
|
5f37b5bde6
|
Correct install scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-25 06:53:51 -07:00 |
|
Tom Eastep
|
b00e20d4d0
|
Merge branch '4.5.21' of ssh://server.shorewall.net/home/teastep/shorewall/code into 4.5.21
|
2013-10-24 08:04:07 -07:00 |
|
Tom Eastep
|
6eb2c0cb5f
|
Add link to the logging page from the policy manpages.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-24 08:01:18 -07:00 |
|
Tom Eastep
|
ca3385d1be
|
Remove superfluous '[' from character set.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-21 09:28:21 -07:00 |
|
Tom Eastep
|
5823411091
|
Correct typo in a regular expression.
- Re-enable |<mark> in the tctrules file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-21 07:04:23 -07:00 |
|
Tom Eastep
|
66c2fca2b0
|
Eradicate the use of 'fgrep'
- Busybox on Leaf Bering does not have fgrep
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-14 07:15:08 -07:00 |
|
Tom Eastep
|
b27e3d2fff
|
Merge branch '4.5.21'
|
2013-10-08 13:17:41 -07:00 |
|
Tom Eastep
|
5e67808abd
|
Don't add host route in default table.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-08 11:27:41 -07:00 |
|
Tom Eastep
|
1659d8ce9f
|
Merge branch 'master' of ssh://git.code.sf.net/p/shorewall/code
|
2013-10-08 09:52:51 -07:00 |
|
Tom Eastep
|
fa500b9ea2
|
Correct H323 and netbios-ns handling.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-08 09:24:52 -07:00 |
|
Tom Eastep
|
b6d7e9ea96
|
Work around emacs bug
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-08 09:24:40 -07:00 |
|
Tom Eastep
|
0e61c2f210
|
Correct H323 and netbios-ns handling.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-08 09:20:46 -07:00 |
|
Tom Eastep
|
3c9d984835
|
Correct typo
- list_split s/b split_list
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-08 09:19:07 -07:00 |
|
Tom Eastep
|
4917500f12
|
Work around emacs bug
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-08 07:13:01 -07:00 |
|
Tom Eastep
|
50b7a81b13
|
Correct typo
- list_split s/b split_list
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-08 06:56:16 -07:00 |
|
Tom Eastep
|
8c4bbf0c85
|
Implement REAP_OPTION capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-10-07 07:54:52 -07:00 |
|
Roberto C. Sanchez
|
12563c55a8
|
Add '. /lib/lsb/init-functions' to the Debian-specific init scripts, as recommended by lintian
|
2013-10-05 16:31:45 -04:00 |
|
Tom Eastep
|
5b515f007b
|
Fix 'monthdays' in the TIME column.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-30 15:43:17 -07:00 |
|
Tom Eastep
|
24218934f8
|
Clean up uninstall scripts
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-30 15:42:58 -07:00 |
|
Tom Eastep
|
308aaad8d4
|
Use insserv on Debian
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-29 09:28:22 -07:00 |
|
Tom Eastep
|
d9c3345a2d
|
Correct temporal port range in mDNS macros.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-29 08:05:52 -07:00 |
|
Tom Eastep
|
d7cbd1da21
|
Allow actions to manipulate the current comment from Perl.
- Added set_comment()
- moved push/pop_comment() to the :DEFAULT export
|
2013-09-23 12:21:44 -07:00 |
|
Tom Eastep
|
a389aa01a8
|
Fix for litedir
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-18 21:05:35 -07:00 |
|
Tom Eastep
|
a5c608e996
|
Merge branch 'master' of ssh://server.shorewall.net/home/teastep/shorewall/code
|
2013-09-18 17:59:49 -07:00 |
|
Tom Eastep
|
e570d91ab1
|
Document 'hostroute' and 'nohostroute'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-18 17:58:28 -07:00 |
|
Tom Eastep
|
eb75d0eef4
|
Add 'nohostroute' option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-18 16:49:54 -07:00 |
|
Tom Eastep
|
4524281163
|
Apply Thomas D's Gentoo support patch
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-17 08:22:52 -07:00 |
|
Tom Eastep
|
14bd1a9061
|
Don't require SYSCONFFILE for all products
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-10 08:24:27 -07:00 |
|
Tom Eastep
|
159d677acb
|
Update manpages to indicate that 'inline' is assumed for REJECT_ACTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-10 08:08:06 -07:00 |
|
Tom Eastep
|
5dbcdd65e2
|
Force 'inline' for REJECT_ACTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-10 07:37:53 -07:00 |
|
Tom Eastep
|
50411e638c
|
Report the name of the SysV init file installed.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-09 08:11:45 -07:00 |
|
Tom Eastep
|
dc5c0dc069
|
Validate default log levels
- Name the .conf option involved in error messages
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-06 16:00:15 -07:00 |
|
Tom Eastep
|
87ae801c15
|
Use the -w ip[6]tables option when available.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-04 10:16:36 -07:00 |
|
Tom Eastep
|
ae63a0ab77
|
Correct description of how REJECT is handled:
- Add UDP
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-02 17:07:58 -07:00 |
|
Tom Eastep
|
dcff4fad37
|
Add sample action to shorewall.conf manpage.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-01 12:20:44 -07:00 |
|
Tom Eastep
|
67603c5eb3
|
Implement REJECT_ACTION
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-09-01 09:14:10 -07:00 |
|
Tom Eastep
|
1540e50cce
|
Remove blank line
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-08-31 10:07:41 -07:00 |
|
Tom Eastep
|
39e348997f
|
Add SERVICEFILE variable to shoreallrc.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-08-18 14:27:26 -07:00 |
|
Tom Eastep
|
156ed38b23
|
Correct installation of $SYSCONFFILE
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-08-18 08:30:11 -07:00 |
|
Tom Eastep
|
a298817201
|
Improve INITSOURCE handling in the installers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-08-15 06:51:27 -07:00 |
|
Tom Eastep
|
0a2f6c18cc
|
Correct typo in prog.footer
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-08-13 07:03:20 -07:00 |
|
Tom Eastep
|
32763e998b
|
Make -v work with the status command
- Also document exit status
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2013-08-13 06:52:46 -07:00 |
|