Tom Eastep
|
a211f8fd0f
|
Infrastructure for new rule interface
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-17 10:37:15 -07:00 |
|
Tom Eastep
|
f3f535abac
|
POC of new rule interface
Also removed FAKE_AUDIT option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-17 08:35:09 -07:00 |
|
Tom Eastep
|
950c32d46b
|
Convert add_commands() calls to the equivalent add_rule() calls.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-16 16:31:29 -07:00 |
|
Tom Eastep
|
03913019d8
|
Mark DHCP rules for the convenience of move_rules().
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-16 15:34:57 -07:00 |
|
Tom Eastep
|
27621fa0f9
|
Impose some structure on setting rule options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-16 14:46:34 -07:00 |
|
Tom Eastep
|
0f742187ae
|
Implement intermediate rule representation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-16 09:41:53 -07:00 |
|
Tom Eastep
|
15a88f962f
|
Add a FAQ regarding $FW
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-14 07:48:51 -07:00 |
|
Tom Eastep
|
9661b445f2
|
Make install/uninstall files version independent
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-13 07:29:47 -07:00 |
|
Tom Eastep
|
d1b8d7b953
|
Make perl modules version-neutral
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-10 15:10:27 -07:00 |
|
Tom Eastep
|
11c580de54
|
Fix exclusion in IPv6 hosts file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-09 17:27:09 -07:00 |
|
Tom Eastep
|
e21ff03339
|
Fix ipsets in IPv6 hosts file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-09 16:17:35 -07:00 |
|
Tom Eastep
|
fbeddca6a4
|
Another IPv6 ipset issue (z:!+set in the DEST column)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-09 15:40:18 -07:00 |
|
Tom Eastep
|
0ab7e06f84
|
Document renaming of scripts in the Build document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-09 15:15:06 -07:00 |
|
Tom Eastep
|
92e244f1b8
|
Mention reversed interfaces in FAQ 1b.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-09 09:32:38 -07:00 |
|
Tom Eastep
|
a998476d00
|
Correct Accounting module version
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-09 07:08:47 -07:00 |
|
Tom Eastep
|
6c802d3353
|
Tighten up source and dest checking in expand_rule()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-09 07:08:39 -07:00 |
|
Tom Eastep
|
1f30976790
|
Correct change that tightened editing of IPv6 addresses
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-08 18:34:33 -07:00 |
|
Tom Eastep
|
22f1d1ba89
|
Another fix for IPv6 and IPSETs
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-08 16:31:35 -07:00 |
|
Tom Eastep
|
290e5d3cfd
|
Add the release repository to the Build document
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-08 16:03:10 -07:00 |
|
Tom Eastep
|
a8daff0008
|
Correct handling of <interface>:+<ipset> in Shorewall6.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-08 15:57:08 -07:00 |
|
Tom Eastep
|
47bbf35535
|
Add symbolic link to the release directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-08 10:46:01 -07:00 |
|
Tom Eastep
|
3312395039
|
Remove release-oriented files from the main tree
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-08 10:45:01 -07:00 |
|
Tom Eastep
|
b70666eaf6
|
Move .spec files to release/
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-08 10:07:08 -07:00 |
|
Tom Eastep
|
7cb3392e3d
|
Expand explaination of rate limiting
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-08 09:53:56 -07:00 |
|
Tom Eastep
|
27b99a62d0
|
Move known problems file to release sub-directory
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-08 09:14:54 -07:00 |
|
Tom Eastep
|
76c97a1cc4
|
Move release documents to their own directory
|
2011-07-07 15:51:50 -07:00 |
|
Tom Eastep
|
7fa59706c5
|
Correct TPROXY/IPv6 address fix
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-07 14:50:44 -07:00 |
|
Tom Eastep
|
3f903fe3f1
|
Allow IPv6 Address as the third argument to TPROXY
- also update the manpages to describe TPROXY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-07 06:43:16 -07:00 |
|
Tom Eastep
|
aa31e52b96
|
Show alternative message for partial PORT or PASV reply
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-07 06:43:07 -07:00 |
|
Tom Eastep
|
f977761980
|
Add modules.ipset to modules INCLUDEs.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-05 15:57:24 -07:00 |
|
Tom Eastep
|
cf5613441d
|
Correct loading of xt_ipset
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-05 15:57:14 -07:00 |
|
Tom Eastep
|
fb9e3a84c5
|
Correct check for new ipset match syntax
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-05 15:56:52 -07:00 |
|
Tom Eastep
|
95acabe97e
|
Make load and reload use the .conf file in the CWD
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-05 15:56:38 -07:00 |
|
Tom Eastep
|
1c199a2644
|
Add semicolons in new actions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 14:59:07 -07:00 |
|
Tom Eastep
|
20cee7649e
|
Change quotes in action.Broadcast
|
2011-07-04 13:32:32 -07:00 |
|
Tom Eastep
|
fd44a53608
|
Correct Shorewall6 .spec file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 13:22:27 -07:00 |
|
Tom Eastep
|
a355141f40
|
Correct typo in .spec files
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 13:13:52 -07:00 |
|
Tom Eastep
|
87870ad121
|
Add new actions to the .spec file
|
2011-07-04 13:01:49 -07:00 |
|
Tom Eastep
|
e1d8d71348
|
Version to 4.4.22 Beta 1
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 09:36:54 -07:00 |
|
Tom Eastep
|
cb8d9e8e14
|
Update IPv6 standard default actions to use new parameterized actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 08:01:18 -07:00 |
|
Tom Eastep
|
caa0a12e8c
|
Implement parameterized default actions for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 07:52:18 -07:00 |
|
Tom Eastep
|
901b71a85c
|
Add new IPv6 Standard Actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 07:51:22 -07:00 |
|
Tom Eastep
|
dd353eeafb
|
Allow optimizatin of Invalid and NotSyn chains
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 07:50:25 -07:00 |
|
Tom Eastep
|
c4ba1089e6
|
Don't include IPv6 code in Shorewall/action.Broadcast
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 07:49:38 -07:00 |
|
Tom Eastep
|
6be8c08673
|
Create action chain without leading % when possible
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 07:48:52 -07:00 |
|
Tom Eastep
|
610e742ab5
|
Add IPv6 action.Broadcast
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-04 07:00:58 -07:00 |
|
Tom Eastep
|
863881841a
|
Add action.Invalid and action.NotSyn and modify action.Drop and action.Reject to use them
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-03 17:14:36 -07:00 |
|
Tom Eastep
|
1536ff4b92
|
Corrections to dropBcast/allowBcast
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-03 15:58:19 -07:00 |
|
Tom Eastep
|
bd1d7d6f92
|
Don't quote the empty setting of LOGLIMIT
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-03 15:55:45 -07:00 |
|
Tom Eastep
|
f96c32634c
|
Make config file quoting more consistent with update
Signed-off-by: Tom Eastep <teastep@shorewall.net>
|
2011-07-03 15:55:27 -07:00 |
|