shorewall_code

Author	SHA1	Message	Date
Tom Eastep	1e078b8c8d	Use splice() to delete rules from chains Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-09 09:38:03 -07:00
Tom Eastep	56bc28a182	Prepare 4.4.9 Beta 3 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-09 07:32:21 -07:00
Tom Eastep	c2c0fb0dd2	Fix deletion of only rule in a chain Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-08 17:20:11 -07:00
Tom Eastep	ab1a27ca2a	Update version to 4.4.9 Beta 2 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-08 13:14:51 -07:00
Tom Eastep	9a00191c88	Remove a 'defined' test that is no longer needed. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-08 13:12:17 -07:00
Tom Eastep	359c221783	Keep rules arrays compressed throughout the compilation process Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-08 12:53:30 -07:00
Tom Eastep	3937c10251	Keep rule arrays compressed during optimization Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-08 11:35:15 -07:00
Tom Eastep	9126cc63d9	Delete unused rules arrays Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-08 10:55:31 -07:00
Tom Eastep	cca2c18370	Another case where reference counts are wrong Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-07 20:07:03 -07:00
Tom Eastep	aeb3b277b0	Fix reference count issue Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-07 19:47:49 -07:00
Tom Eastep	3711e64d71	Fix for 0 values propagated to the script Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-07 14:38:29 -07:00
Tom Eastep	3092a85999	SWAG regarding LOG_VERBOSITY issue Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-04-07 13:43:57 -07:00
Tom Eastep	af893b6296	Add 'N' trace records for chain creation. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-30 07:32:38 -07:00
Tom Eastep	b2d8039ff6	Remove unnecessary text and 'before' images from trace entries Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-30 07:12:22 -07:00
Tom Eastep	7e97e9519d	Conditionally trace writes by copy2(). Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-29 11:56:26 -07:00
Tom Eastep	51d4bf19b5	Conditionally trace writes by copy2(). Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-29 11:56:06 -07:00
Tom Eastep	350a89e449	More complete generated script trace Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-29 09:48:23 -07:00
Tom Eastep	5c91fb40e2	Remove unneeded test; correct typo Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-29 09:04:45 -07:00
Tom Eastep	6d7226ae93	Remove special trace entries Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-28 16:31:03 -07:00
Tom Eastep	1fd656b8c9	Tweak trace facility Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-28 15:31:05 -07:00
Tom Eastep	b0733d93ee	Implement a more robust trace Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-28 13:09:04 -07:00
Tom Eastep	ef4237f5a0	Avoid verbosity overflow/underflow Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-28 07:27:27 -07:00
Tom Eastep	3e215d0482	Minor cleanup in the Chains module. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-27 08:18:41 -07:00
Tom Eastep	1153ff0c75	Avoid a shell warning when brctl is not installed. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-27 07:33:40 -07:00
Tom Eastep	f30cd7e287	Clarify provisional policy handling. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-26 08:02:49 -07:00
Tom Eastep	6cdc1ab7a2	Allow a logical interface name in the EXTERNAL column of the proxyarp file Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-25 11:41:06 -07:00
Tom Eastep	7d91edc6ec	Remove redundant line of code Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-23 12:49:06 -07:00
Tom Eastep	626b28fcd0	Auto-detect bridge when no options specified. Remove extra logic. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-23 09:28:11 -07:00
Tom Eastep	5e9aceae68	Detect bridges Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-23 08:38:54 -07:00
Tom Eastep	914d829a49	Don't optimize the 'blacklst' chain Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-22 06:47:39 -07:00
Tom Eastep	6ac549ef4e	Add a comment explaining why avoiding creation of the blacklst chain and branching to it is a bad idea. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-21 07:24:29 -07:00
Tom Eastep	6fc347b9be	Prepare 4.4.9-Beta1 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-20 07:06:47 -07:00
Tom Eastep	9a88156769	Back off on not jumping to the blacklist chain when there are no blacklist entries. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-19 11:32:22 -07:00
Tom Eastep	fae29bcf6f	Change version to 4.4.8 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-19 10:17:32 -07:00
Tom Eastep	b22b279bd1	Some additional idiot-proofing. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-19 10:01:02 -07:00
Tom Eastep	a71f5df64f	Fix indentation and quoting in TC progress messages Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-19 06:59:58 -07:00
Tom Eastep	f44dbcf20b	More copyright updates Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-18 11:13:51 -07:00
Tom Eastep	91bc3b3293	Mark a restored configuration as 'Restored' rather than 'Started'. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-17 10:10:56 -07:00
Tom Eastep	1177540fd8	Update version to RC2 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-16 12:39:35 -07:00
Tom Eastep	66c883de2c	Fix UDPLITE handling of source port when no dest port given. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-16 10:45:31 -07:00
Tom Eastep	b2a56cd542	Copyright update Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-16 09:53:51 -07:00
Tom Eastep	a01fa345b7	Add support for UDP Lite Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-16 09:42:50 -07:00
Tom Eastep	16bbe780c7	Try to avoid printing import banners unnecessarily Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-16 07:23:02 -07:00
Tom Eastep	787cec4fe7	Fix 'uninitialized variable' bug in Config::copy2 Bug reported by Tuomo Soini Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-16 07:12:39 -07:00
Tom Eastep	196cd5417f	Allow 'default' optimizations to be disabled by specifying optimization 4096. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-11 17:15:44 -08:00
Tom Eastep	249f9412f6	Add undocumented OPTIMIZE=-1 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-10 17:31:08 -08:00
Tom Eastep	4f32be03d7	Fix typo in comment Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-08 15:34:38 -08:00
Tom Eastep	93494c6ae3	Eliminate nested function declarations in generate_matrix() Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-08 13:11:10 -08:00
Tom Eastep	07cba9e066	Bump version to RC1 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-08 08:11:00 -08:00
Tom Eastep	efed2286b0	Move qt1() to lib.common Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-07 11:50:54 -08:00
Tom Eastep	f246f728e7	Flag '-' used as a port range separator Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-07 08:36:26 -08:00
Tom Eastep	5671a7ae2f	Add new options to online usage info. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-06 08:45:43 -08:00
Tom Eastep	88447bfc7d	Avoid dropping first line of library source text Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-06 08:45:21 -08:00
Tom Eastep	2d458b46b4	Update help text in prog.header* Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-06 08:13:33 -08:00
Tom Eastep	928b162d3c	Fix bug in handling of -p option Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-06 08:12:04 -08:00
Tom Eastep	7557b4b5fb	Update version to 4.4.8 Beta 3 Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-06 07:41:29 -08:00
Tom Eastep	fe089ddc36	Don't copy headers in imported libraries Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-06 07:40:43 -08:00
Tom Eastep	c8d8d75cae	Cosmetic change Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-05 10:40:18 -08:00
Tom Eastep	f8c7a284a5	Remove duplicate/unneeded functions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-05 07:02:00 -08:00
Tom Eastep	abb943bfb7	Do library consolidation on IPv6 and load lib.cli into shorecap. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-04 13:11:33 -08:00
Tom Eastep	50330f71f6	Move many routines into lib.common. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-04 12:38:02 -08:00
Tom Eastep	7757c0bc20	Rename lib.run to lib.common Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-04 09:54:56 -08:00
Tom Eastep	7b52d812ae	Generate correct library path name Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-04 09:40:18 -08:00
Tom Eastep	4c081e5998	Add lib.run Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-04 09:12:48 -08:00
Tom Eastep	a963c8f955	Don't export CONFDIR or SHAREDIR Document CONFDIR, SHAREDIR and VARDIR Add FILEMODE to the old reserved variable names Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-03 11:46:23 -08:00
Tom Eastep	3f73b3c408	Export *DIR variables Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-03 10:39:18 -08:00
Tom Eastep	c6981de0e5	Complete elimination of globals that are not .conf options Documentation to follow Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-03 09:50:07 -08:00
Tom Eastep	ee74696747	IPv6 work to only export when necessary Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-03 08:59:58 -08:00
Tom Eastep	234e4fa754	Update module versions Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-03 08:51:55 -08:00
Tom Eastep	7457f643ee	Don't export globals when the script is 4.4.8 or later Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-03 08:51:40 -08:00
Tom Eastep	cce4bf277a	Reduce export usage; Allow PURGE and RESTOREFILE to be specified on the run-line Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-02 14:49:31 -08:00
Tom Eastep	2656a9b0c7	Eliminate use of PRODUCT Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-02 12:34:36 -08:00
Tom Eastep	68f5215f07	Remove Reliance on HOSTNAME in generated programs Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-02 11:45:35 -08:00
Tom Eastep	3ea6f6792f	Eliminate VERSION reserved variable name Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-02 08:02:10 -08:00
Tom Eastep	5fc6d58e19	Eliminate STOPPING variable Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-02 07:37:30 -08:00
Tom Eastep	d4936f4bad	Tweak to an RE used in optimization Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-02 06:58:09 -08:00
Tom Eastep	f11bfd3890	Eliminate redundate setting of PRODUCT Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-01 08:32:59 -08:00
Tom Eastep	cfa09dce22	Avoid multiple policy matches with OPTIMIZE=7 and not KLUDGEFREE Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-01 08:32:37 -08:00
Tom Eastep	3ba797cb14	Correct several bugs in the VERBOSITY overhaul Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-03-01 06:57:04 -08:00
Tom Eastep	53c73bc8e9	Eliminate VERBOSE Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-28 17:58:01 -08:00
Tom Eastep	14f83759ae	Propagate VERBOSITY even though we don't use it yet Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-28 17:39:35 -08:00
Tom Eastep	546a48543d	Propagate LOG_VERBOSITY Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-28 17:30:11 -08:00
Tom Eastep	39883aa690	Eliminate LOG_VERBOSE Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-28 16:58:30 -08:00
Tom Eastep	fb55d63eaf	Allow verbosity to be separate from -V Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-28 16:42:50 -08:00
Tom Eastep	333ac21c2f	Prepare the footers for 4.6. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-28 15:25:25 -08:00
Tom Eastep	83ed0a401b	I'll eventually get it the way I like it Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-28 13:45:33 -08:00
Tom Eastep	585711caa8	Even simpler RE for detecting builtins Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-28 13:29:26 -08:00
Tom Eastep	693d0e5d4c	Make new test in add_jump() a bit safer. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-28 12:44:29 -08:00
Tom Eastep	d2992c21f4	Update version to Beta 2	2010-02-28 09:04:37 -08:00
Tom Eastep	061d850c16	Rename RESTOREPATH to g_restorepath Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-26 08:35:50 -08:00
Tom Eastep	7fe7ebc891	Fix Handling of NFQUEUE(queue-num) in policies Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-25 08:44:28 -08:00
Tom Eastep	70a246501e	Update version of Tc.pm Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-23 07:08:48 -08:00
Tom Eastep	3fc10cd94b	Prepend 'SW_' to constructed shell variable names. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-22 10:27:59 -08:00
Tom Eastep	2a965d42b9	Add a comment Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-21 07:57:34 -08:00
Tom Eastep	6307653a01	Pick up one fix from 4.4.7.4 regarding CONTINUE rules. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-20 09:42:58 -08:00
Tom Eastep	edaf541850	Don't apply rate limiting twice in ACCEPT+ rules Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-19 14:01:45 -08:00
Tom Eastep	ceff8adc78	Restore duplicate interface detection in tcinterfaces. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-18 16:11:30 -08:00
Tom Eastep	3a2173ddb4	Some code cleanup in Tc.pm. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-18 15:56:59 -08:00
Tom Eastep	ea8be87720	Use Hex representation of device numbers > 9 in simple TC. Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-18 12:53:01 -08:00
Tom Eastep	00b0490cd7	Create a unique hashtable for each instance of a per-IP rate limit Signed-off-by: Tom Eastep <teastep@shorewall.net>	2010-02-17 15:39:21 -08:00

1 2 3 4 5 ...

697 Commits