Tom Eastep
17e25932f0
Fixes for GeoIP
...
- Correct check for valid ACTION
- Add to Shorewall6/actions.std
- Only use geoip once per invocation
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 11:14:28 -07:00
Tom Eastep
63ae00e4a4
Fix bug in 'interface_is_usable'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-15 06:58:03 -07:00
Tom Eastep
ac2ed505bb
Add GeoIP support
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-14 17:12:46 -07:00
Tom Eastep
926e589414
Exit the tcpost chain if a connection mark is restored
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-14 10:35:42 -07:00
Tom Eastep
9f1c920a39
Don't allow RSTs to be REJECTed
2012-05-14 10:34:11 -07:00
Tom Eastep
9ea233d55f
Split a couple of functions with address-family dependent logic.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-13 15:53:02 -07:00
Tom Eastep
60bde6231a
Improve interface_is_usable()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-13 13:49:59 -07:00
Tom Eastep
3d575a45bd
Re-code interface_is_usable()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-13 11:56:52 -07:00
Tom Eastep
1f621002b7
Ignore 'isusable' on 'enable'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-12 19:38:18 -07:00
Tom Eastep
cd150af790
Update .status file on disable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-12 07:44:46 -07:00
Tom Eastep
cd98266396
Correct add of default IPv6 route when no gateway specified
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-12 07:15:24 -07:00
Tom Eastep
3d541f50c8
Use "(S)" consistently in column headings.
...
- add synonyms so both the singular and plural forms are accepted.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 12:42:04 -07:00
Tom Eastep
bad8b9bddb
Improve TPROXY documentation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 11:39:15 -07:00
Tom Eastep
f77b350a7b
Clear the 'balance' table if no balanced providers.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 11:28:06 -07:00
Tom Eastep
bed4457e0e
Delete jump to 'tproxy'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 09:00:09 -07:00
Tom Eastep
2d5269be7b
Fix another conditional compilation bug.
...
?IF $false
?IF $false
...
?ENDIF
foo <------- This line is not omitted!
?ENDIF
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:44:46 -07:00
Tom Eastep
a05b3afd7f
Eliminate the 'tproxy' chain
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:42:44 -07:00
Tom Eastep
9e743451f6
Add FORMAT 2 to tcrules files. Initialize $format in Tc.pm
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-11 07:08:06 -07:00
Tom Eastep
cb7fc31f0b
Restore 4.5.3 compatibility
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 14:23:33 -07:00
Tom Eastep
69d735ea0a
Make TPROXY actually work!
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 11:19:23 -07:00
Tom Eastep
4d4fc315e0
More TPROXY changes
...
- Combine identical DIVERT chains.
- Add --transparent to -m socket
- Reserve a TPROXY bit in the fwmark
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-10 07:25:07 -07:00
Tom Eastep
820c965b72
Allow Shorewall::Config::in_hex() to accept an argument already expressed in hex.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 13:51:49 -07:00
Tom Eastep
605ef6ef86
Tweak to DIVERT plus correct TPROXY in man pages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 13:10:51 -07:00
Tom Eastep
2eb7af23dc
Merge branch 'master' into 4.5.3
2012-05-09 10:03:43 -07:00
Tom Eastep
582d025f58
Add DIVERT action to tcrules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-09 09:41:58 -07:00
Tom Eastep
b55d8c04e4
Do logical->physical mapping in rtrules.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 14:52:18 -07:00
Tom Eastep
3b6f5b2d8a
Finish alternative balancing
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 13:55:13 -07:00
Tom Eastep
6639b3534e
Close all input files in Shorewall::Config::cleanup()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 08:58:14 -07:00
Tom Eastep
59bf343521
Leave first filename and linenumber on the same line as error text.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 08:55:24 -07:00
Tom Eastep
089d980dae
Document the --shorewallrc parameter to compiler.pl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-08 07:59:22 -07:00
Tom Eastep
1d6e6b65db
Finish a comment
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 17:06:35 -07:00
Tom Eastep
2224fdbc65
Correct help text in compiler.pl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 16:55:51 -07:00
Tom Eastep
fd1d6cf935
Handle default shorewallrc location
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 16:55:17 -07:00
Tom Eastep
5d7442e9e9
Correct typo in converted blrules file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 12:13:26 -07:00
Tom Eastep
ef90006334
Avoid reference to unitialized variable on bogus FORMAT in interfaces
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 12:00:21 -07:00
Tom Eastep
2cbf1e86ad
Allow synonyms for column names in alternate specification formats
...
- gateway and gateways in the tunnels file
- mark and action in the tcrules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:59:47 -07:00
Tom Eastep
dd8e9ff09d
Fix 'COMMENT' along in the tunnels file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 11:58:37 -07:00
Tom Eastep
4320150dc4
Add alternate specification in tunnels file ('gateways')
...
- Make similar change in tcrules file with 'action'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 07:43:11 -07:00
Tom Eastep
7453b70666
Add emphasis to the 'required' option in the config basics doc
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-07 07:14:56 -07:00
Tom Eastep
003daec41c
Remove a couple of hard-coded '/usr/share' in Shorewall::Config
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-06 17:30:17 -07:00
Tom Eastep
cb159eba2e
Add RST action.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-06 12:14:30 -07:00
Tom Eastep
aac00c3cc7
Pop open stack in run_user_exit1 and run_user_exit2
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 10:31:55 -07:00
Tom Eastep
cd35b6a13f
Modify macro.BLACKLIST to use blacklog when appropriate
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 08:56:55 -07:00
Tom Eastep
af228806fc
Allow manual changes to be used in macros.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 08:56:26 -07:00
Tom Eastep
69f6aae982
Delete extra copy of macro.BLACKLIST
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-05 08:40:25 -07:00
Tom Eastep
53d66833b2
Document how to avoid dhcp client setting default route
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 08:28:06 -07:00
Tom Eastep
1d90ee174c
Cleanup of ERROR/WARNING message enhancement.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 07:01:08 -07:00
Tom Eastep
097ab853db
Apply Tuomo Soini's tunnels patch
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-04 06:18:22 -07:00
Tom Eastep
3e37f47fb5
Print out the include/open stack in WARNING and ERROR messages.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 17:17:55 -07:00
Tom Eastep
bd30d59f3d
Fix annotated interfaces files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2012-05-03 14:09:49 -07:00