Tom Eastep
ec848ebc01
Parenthesize qa/.../ in embedded Perl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-17 10:09:23 -08:00
Tom Eastep
ba5db8753e
Fix CT helpers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-17 08:59:27 -08:00
Tom Eastep
9d66f34932
Allow config options to be used as shell variables
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-15 12:52:22 -08:00
Tom Eastep
10d10b1c16
Remove a redundant capability test
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-15 12:52:06 -08:00
Tom Eastep
6194eceaa4
Restore text of 'Provider "..." compiled' message
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-15 12:51:39 -08:00
Tom Eastep
8ac5f6c086
use specified tool for capabilities detection
2011-12-11 16:28:40 -08:00
Tom Eastep
cc78073ce7
Merge lib.cli-lite into lib.cli
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-11 13:15:30 -08:00
Tom Eastep
4cf564e7c9
Move startup_error() to lib.cli, plus cosmetic changes
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-08 22:00:48 -08:00
Tom Eastep
eec8a4edaf
Cosmetic cleanup
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-07 13:04:20 -08:00
Tom Eastep
eaad3d836c
Correct library name in header comments
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 19:05:55 -08:00
Tom Eastep
2142baca4f
Avoid inappropriate RELATED,ESTABLISHED rules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 19:04:43 -08:00
Tom Eastep
645e8dfea0
Straighten out LITEDIR
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 15:39:18 -08:00
Tom Eastep
004d0bcc38
Allow rules in the RELATED section when there are non-default settions of
...
the new RELATED_* options.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 13:38:11 -08:00
Tom Eastep
43913915f9
Combine the CLIs into a single 'shorewall' file.
...
Add lib.cli-lite and lib.cli-std to contain the functions that are different
between the full products and the lite ones.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 12:54:51 -08:00
Tom Eastep
c724e238e6
Move the bulk of command processing to lib.cli
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 07:47:34 -08:00
Tom Eastep
e762998f1e
Allow spaces in the argument to the iprange command.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-06 06:44:15 -08:00
Tom Eastep
d4957696d1
Update man pages and sample files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 17:45:09 -08:00
Tom Eastep
439af55312
Implement RELATED_DISPOSITION and RELATED_LOG_LEVEL
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 16:08:17 -08:00
Tom Eastep
febe9e5222
Apply Chris Boot's fix for TC_ENABLED=Shared
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 12:22:48 -08:00
Tom Eastep
b27e2517b4
Unify capabilities detection
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 12:00:36 -08:00
Tom Eastep
94b8d07645
Correct fix for dynamic blacklisting (chain_exists())
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 07:01:16 -08:00
Tom Eastep
7fcdfd6655
Fix chain_exists() from IPv4
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-05 06:54:03 -08:00
Tom Eastep
2cffae738f
Initial implementation of CT target support in the 'notrack' file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 17:15:58 -08:00
Tom Eastep
a794027f63
Implement CT capability
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 14:35:53 -08:00
Tom Eastep
e7d2b1d4ed
Consolidate the lib.common files.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-04 09:19:48 -08:00
Tom Eastep
0d80b54ad9
Correct some issue with file consolidation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 13:13:25 -08:00
Tom Eastep
f89c78788f
Correct a couple of syntax errors in lib.cli
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 12:41:05 -08:00
Tom Eastep
252b6580c0
Load the common libs from /sbin/shorewall6
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 12:04:28 -08:00
Tom Eastep
4161c35108
Implement common lib.base, lib.cli and CLI for Shorewall[6][-lite]
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-03 10:59:01 -08:00
Tom Eastep
bc3782c3de
Pass $CONFIG_PATH to compiler.pl
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-02 09:31:26 -08:00
Tom Eastep
8c6914d1a2
Don't deprecate 'optional' for shared providers
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 11:23:22 -08:00
Tom Eastep
a27f5655a7
Merge branch '4.4.26'
2011-12-01 10:41:22 -08:00
Tom Eastep
99bf7fb994
Don't do TC stuff during enable/disable of a shared provider
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:41:03 -08:00
Tom Eastep
568e3b2e5b
Allow a provider name in addition to an interface name in enable/disable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:32:54 -08:00
Tom Eastep
8f14485d67
Allow a provider name in addition to an interface name in enable/disable
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:30:42 -08:00
Tom Eastep
3110f7c74a
Add enable/disable commands to the CLIs
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-12-01 10:25:51 -08:00
Tom Eastep
d8caa6498a
Add tracing to Optimize 16.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-30 07:57:19 -08:00
Tom Eastep
3581b2667e
Don't install the blacklist file in /etc/shorewall[6]
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-27 14:39:59 -08:00
Tom Eastep
9e149ca038
Correct default values during update
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-27 14:12:51 -08:00
Tom Eastep
61d5c6d6da
Implement Shorewall::Chains::clone_rule()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-26 09:36:02 -08:00
Tom Eastep
3498076a96
Accurately compare rule key values that are array references.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-26 08:03:02 -08:00
Tom Eastep
15d95b6977
Fix SAME target.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-26 07:48:03 -08:00
Tom Eastep
5cdb74168f
Correct port list capture with --multiport.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-25 16:22:23 -08:00
Tom Eastep
613e41c25a
Enable OPT 16 in check -r; Suppress duplicate rules
2011-11-25 16:05:07 -08:00
Tom Eastep
90e03e1833
Even more tweaks to optimize 16
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-25 14:46:37 -08:00
Tom Eastep
71bbd7963c
Some tweaks to optimize 16
2011-11-25 10:42:10 -08:00
Tom Eastep
f305da9d0d
Require extended multi-port match for OPTIMIZE 16.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 10:57:09 -08:00
Tom Eastep
8d8a681f40
Implement optimization level 16
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-24 10:22:04 -08:00
Tom Eastep
4559c8b5d0
Tweaks to convert_blacklist()
...
- Reword an error message to handle both missing file and zero-sized file.
- Don't rename file that doesn't exist.
2011-11-21 12:13:39 -08:00
Tom Eastep
dffb79e7bd
Handle empty blacklist file in 'update -b'
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-11-20 17:02:01 -08:00