Commit Graph

10834 Commits

Author SHA1 Message Date
Tom Eastep
5d4a0172b7 A bit of cleanup
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-05 09:32:26 -07:00
Tom Eastep
835a056eb8 Implement BLACKLIST section in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 16:02:01 -07:00
Tom Eastep
0e83e105c6 Implement BLACKLIST section in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 12:33:31 -07:00
Tom Eastep
e09aa8662b Correct title in action.TCPFlags
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-03 09:05:38 -07:00
Tom Eastep
57650e8dd9 Add two new actions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 18:41:58 -07:00
Tom Eastep
0a5d5821ec Support additional forms of column/value pair specification
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-02 11:45:55 -07:00
Tom Eastep
e728d663f9 Implement IPTABLES_S capability
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 13:54:52 -07:00
Tom Eastep
2f0829596f Fix format-1 Actions 2011-10-01 12:17:29 -07:00
Tom Eastep
f6092ee52d Eliminate the maxcolumns argument to the split_line functions
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 11:39:12 -07:00
Tom Eastep
072f4752fc Get rid of minimum column requirement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-10-01 09:56:25 -07:00
Tom Eastep
5aa4534fbe Correct copyright date in the Shorewall Lite doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-29 07:20:01 -07:00
Tom Eastep
765ec27fbb Correct URL in the Documentation Index 2011-09-27 18:34:23 -07:00
Tom Eastep
a3d4edfd1f Reorganize Shorewall Lite docs 2011-09-27 18:13:57 -07:00
Tom Eastep
37da8b5808 Rename and refine Shorewall Lite doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-27 15:44:19 -07:00
Tom Eastep
11064202a5 Update features 2011-09-26 17:32:06 -07:00
Tom Eastep
2b7515f434 Refer manpage readers to the 'Pairs' information
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 10:16:52 -07:00
Tom Eastep
c76957cc39 Reword an error message
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 08:51:05 -07:00
Tom Eastep
4c7f1a03a0 Catch multiple semicolons on a line.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-26 07:42:44 -07:00
Tom Eastep
9a4dfc4394 Implement an alternate way of specifying column contents.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-25 17:08:53 -07:00
Tom Eastep
da5b6b99d4 Implement TTL support in tcrules.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 16:17:52 -07:00
Tom Eastep
dbf5f17b41 More tweaks to switch implementation.
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-24 07:34:58 -07:00
Tom Eastep
40bc6df07a Correct handling of SWITCH column
- Handle exclusion
- Correctly detect CONDITION_MATCH at compile time
- Include condition match in the filter part of a NAT rule

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 15:01:40 -07:00
Tom Eastep
12bfc14c5f More SWTICH changes.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 14:44:20 -07:00
Tom Eastep
76707d29ba Make find_first_interface_address() more lenient on IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 14:44:01 -07:00
Tom Eastep
caddd65412 Rename condition->switch and add more documentation.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-23 12:33:55 -07:00
Tom Eastep
cf80dc8858 Document OpenVZ brokenness on Squeeze 2011-09-21 19:27:38 -07:00
Tom Eastep
13679187b9 Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-21 15:22:38 -07:00
Tom Eastep
75b4540d26 Add support for condition match in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-21 15:20:50 -07:00
Tom Eastep
e8f51150dd Add support for condition match in the rules file
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-21 08:13:44 -07:00
Tom Eastep
7978993d2b Validate NET2 in IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-20 16:24:39 -07:00
Tom Eastep
d005536fcc Merge branch 'master' of ssh://shorewall.git.sourceforge.net/gitroot/shorewall/shorewall
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-20 16:20:34 -07:00
Tom Eastep
a5e05c9e8e Don't allow long port lists or icmp lists in netmap 2011-09-19 13:27:27 -07:00
Tom Eastep
990d6e504d Correct icmp-type and icmpv6-type 2011-09-19 10:05:58 -07:00
Tom Eastep
fd1e996fb1 Correct call to dest_iexclusion()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 08:28:29 -07:00
Tom Eastep
e894e15fa1 More netmap updates
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 08:28:04 -07:00
Tom Eastep
e01276225c Correct port order in the netmap file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-19 06:17:02 -07:00
Tom Eastep
c2bcb08483 Add 'i' versions of exclusion functions.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 14:12:22 -07:00
Tom Eastep
379d1d3201 Document how to use IPv6 netmap
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 10:56:11 -07:00
Tom Eastep
2749857eb2 Support 'shorewall6 show rawpost'
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-18 06:57:57 -07:00
Tom Eastep
95a83f7fdf Allow exclusion in the netmap file's NET1 column 2011-09-17 09:20:15 -07:00
Tom Eastep
5aac5870a1 Call setup_netmap if IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-17 07:31:18 -07:00
Tom Eastep
b2a255f8c3 Merge branch '4.4.23' 2011-09-17 07:05:26 -07:00
Tom Eastep
dd836507e0 Correct capitalization (SHARED->Shared)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-16 10:27:49 -07:00
Tom Eastep
86847957bf Merge branch '4.4.23' 2011-09-16 09:03:43 -07:00
Tom Eastep
76fc55d750 Fix TC_ENABLED=Shared
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-16 06:50:34 -07:00
Tom Eastep
551f93762d Correct two typos in the Proxy ARP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:46:50 -07:00
Tom Eastep
be1765f44d Don't emit 'enable' code for required providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:46:29 -07:00
Tom Eastep
895d2f34c5 Externalize stateless NAT for IPv6
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-15 14:27:05 -07:00
Tom Eastep
a42e511638 Correct two typos in the Proxy ARP doc
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-14 13:37:55 -07:00
Tom Eastep
fcb8fa79c0 Don't emit 'enable' code for required providers
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-09-14 08:25:47 -07:00