Tom Eastep
2efa2796d3
More new rule interface calls in the Misc module
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-17 15:12:58 -07:00
Tom Eastep
b2305ca9cf
Convert Tunnels file to use irules
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-17 11:33:01 -07:00
Tom Eastep
a211f8fd0f
Infrastructure for new rule interface
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-17 10:37:15 -07:00
Tom Eastep
f3f535abac
POC of new rule interface
...
Also removed FAKE_AUDIT option
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-17 08:35:09 -07:00
Tom Eastep
950c32d46b
Convert add_commands() calls to the equivalent add_rule() calls.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-16 16:31:29 -07:00
Tom Eastep
03913019d8
Mark DHCP rules for the convenience of move_rules().
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-16 15:34:57 -07:00
Tom Eastep
27621fa0f9
Impose some structure on setting rule options
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-16 14:46:34 -07:00
Tom Eastep
0f742187ae
Implement intermediate rule representation
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-16 09:41:53 -07:00
Tom Eastep
9661b445f2
Make install/uninstall files version independent
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-13 07:29:47 -07:00
Tom Eastep
d1b8d7b953
Make perl modules version-neutral
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-10 15:10:27 -07:00
Tom Eastep
11c580de54
Fix exclusion in IPv6 hosts file.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 17:27:09 -07:00
Tom Eastep
e21ff03339
Fix ipsets in IPv6 hosts file
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 16:17:35 -07:00
Tom Eastep
fbeddca6a4
Another IPv6 ipset issue (z:!+set in the DEST column)
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 15:40:18 -07:00
Tom Eastep
a998476d00
Correct Accounting module version
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 07:08:47 -07:00
Tom Eastep
6c802d3353
Tighten up source and dest checking in expand_rule()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-09 07:08:39 -07:00
Tom Eastep
1f30976790
Correct change that tightened editing of IPv6 addresses
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 18:34:33 -07:00
Tom Eastep
22f1d1ba89
Another fix for IPv6 and IPSETs
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 16:31:35 -07:00
Tom Eastep
a8daff0008
Correct handling of <interface>:+<ipset> in Shorewall6.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 15:57:08 -07:00
Tom Eastep
b70666eaf6
Move .spec files to release/
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 10:07:08 -07:00
Tom Eastep
27b99a62d0
Move known problems file to release sub-directory
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-08 09:14:54 -07:00
Tom Eastep
76c97a1cc4
Move release documents to their own directory
2011-07-07 15:51:50 -07:00
Tom Eastep
7fa59706c5
Correct TPROXY/IPv6 address fix
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-07 14:50:44 -07:00
Tom Eastep
3f903fe3f1
Allow IPv6 Address as the third argument to TPROXY
...
- also update the manpages to describe TPROXY
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-07 06:43:16 -07:00
Tom Eastep
cf5613441d
Correct loading of xt_ipset
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-05 15:57:14 -07:00
Tom Eastep
95acabe97e
Make load and reload use the .conf file in the CWD
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-05 15:56:38 -07:00
Tom Eastep
1c199a2644
Add semicolons in new actions.
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 14:59:07 -07:00
Tom Eastep
20cee7649e
Change quotes in action.Broadcast
2011-07-04 13:32:32 -07:00
Tom Eastep
a355141f40
Correct typo in .spec files
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 13:13:52 -07:00
Tom Eastep
87870ad121
Add new actions to the .spec file
2011-07-04 13:01:49 -07:00
Tom Eastep
e1d8d71348
Version to 4.4.22 Beta 1
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 09:36:54 -07:00
Tom Eastep
dd353eeafb
Allow optimizatin of Invalid and NotSyn chains
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 07:50:25 -07:00
Tom Eastep
c4ba1089e6
Don't include IPv6 code in Shorewall/action.Broadcast
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 07:49:38 -07:00
Tom Eastep
6be8c08673
Create action chain without leading % when possible
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-04 07:48:52 -07:00
Tom Eastep
863881841a
Add action.Invalid and action.NotSyn and modify action.Drop and action.Reject to use them
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 17:14:36 -07:00
Tom Eastep
1536ff4b92
Corrections to dropBcast/allowBcast
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 15:58:19 -07:00
Tom Eastep
bd1d7d6f92
Don't quote the empty setting of LOGLIMIT
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 15:55:45 -07:00
Tom Eastep
f96c32634c
Make config file quoting more consistent with update
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 15:55:27 -07:00
Tom Eastep
befc8a00f6
Create parameterized action.Broadcast
...
- replace invocations of dropBcast with invocations of Broadcast(DROP,...)
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 08:58:30 -07:00
Tom Eastep
24deabb03f
Merge branch '4.4.21'
2011-07-03 08:48:27 -07:00
Tom Eastep
9691a8ceb3
Don't collapse '-' and '--' in @actparms
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 08:47:53 -07:00
Tom Eastep
029ac610fe
Merge branch '4.4.21'
2011-07-03 07:23:09 -07:00
Tom Eastep
d31e2d67ba
DEFAULTS directive enforces max number of parameters
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 07:22:29 -07:00
Tom Eastep
62c62441bb
Eliminate duplicate function definitions
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 07:04:52 -07:00
Tom Eastep
d99090978d
Merge branch '4.4.21'
2011-07-03 06:40:08 -07:00
Tom Eastep
5b06e88b3d
Push/Pop comment during action processing
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 06:37:41 -07:00
Tom Eastep
7e3f97c154
Prepare for more parameterized actions
...
- Export add_commands, incr_cmd_level and decr_cmd_level by default
- Move ensure_audit_chain and require_audit from Rules.pm to Chains.pm
- Add get_action_logging() function
- Export require_capability and have_capability by default
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-03 06:22:51 -07:00
Tom Eastep
ad71faacaa
Correct push_action_params()
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-02 17:02:39 -07:00
Tom Eastep
42aa3724af
Trace system calls when debugging
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-02 08:37:57 -07:00
Tom Eastep
4ea8a65cd9
Trace system calls when debugging
...
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-02 08:27:17 -07:00
Tom Eastep
afa5ea3fd2
Minor tweaks to Config.pm
...
- Look for unprintable gunk in lines processed by split_line1()
- Modify a comment
- replace awkward close/assert statement
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2011-07-02 08:10:43 -07:00