holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity
13,676 Commits 104 Branches 736 Tags 54 MiB
31cdd6dbcb
Commit Graph

6582 Commits

Author SHA1 Message Date
Tom Eastep
ed90360b4c Remove all of the update-specific options from the update command 
Leave -i and -A

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-31 14:21:41 -07:00
Tom Eastep
6a374b80e0 Correct INLINE handling 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-31 12:36:05 -07:00
Tom Eastep
9638033e24 Cosmetic changes to first_entry() calls 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/Perl/Shorewall/Tc.pm
 2015-08-31 11:33:32 -07:00
Tom Eastep
87ef6f730f Correct a typo 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-31 11:21:37 -07:00
Tom Eastep
53223e1440 Uniform mechanism for inserting conversion comments 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/Perl/Shorewall/Tc.pm
 2015-08-31 11:21:18 -07:00
Tom Eastep
9b886a99af Fix $convert/$tcrules mess 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/Perl/Shorewall/Tc.pm
 2015-08-31 11:19:42 -07:00
Tom Eastep
c77d18965a Place a header in a created mangle file during update -t 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/Perl/Shorewall/Tc.pm
 2015-08-31 11:16:45 -07:00
Tom Eastep
5a6586e06c Don't enforce FASTACCEPT/BLACKLISTNEWONLY on convert 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-31 11:14:49 -07:00
Tom Eastep
60e08322c5 Update man pages for 'minute' and 'second' in LOGLIMIT specifications 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-31 11:14:37 -07:00
Tom Eastep
df73f4b925 Assume EXPORTMODULES=No if it doesn't exist in old file during update 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-31 11:14:26 -07:00
Tom Eastep
be81ace811 Read capabilities file before the .conf file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-31 11:11:25 -07:00
Tom Eastep
e15a6f452e Cosmetic changes to first_entry() calls 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-31 10:54:30 -07:00
Tom Eastep
656eaabce9 Correct a typo 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-31 09:39:40 -07:00
Tom Eastep
f42dc6def1 Uniform mechanism for inserting conversion comments 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-30 15:35:05 -07:00
Tom Eastep
6e303aef69 Fix $convert/$tcrules mess 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-29 18:52:11 -07:00
Tom Eastep
ab260dc5b1 Place a header in a created mangle file during update -t 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-29 12:52:21 -07:00
Tom Eastep
55ab498291 Don't enforce FASTACCEPT/BLACKLISTNEWONLY on convert 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-29 12:51:52 -07:00
Tom Eastep
10cda4cee7 Update man pages for 'minute' and 'second' in LOGLIMIT specifications 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-27 15:49:59 -07:00
Tom Eastep
de74273dbb Assume EXPORTMODULES=No if it doesn't exist in old file during update 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-27 15:15:03 -07:00
Tom Eastep
af1e2f6c8b Read capabilities file before the .conf file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-27 11:26:26 -07:00
Tom Eastep
dc2406d25b update -t also converts the 'tos' file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-26 13:51:02 -07:00
Tom Eastep
e0734a45ee Allow 'seconds' and 'minutes' in LOGLIMIT specifications 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-26 12:53:36 -07:00
Tom Eastep
28df894add Improve 'update' 
- convert BLACKLISTNEWONLY
- convert LOGRATE and LOGBURST
- default USE_DEFAULT_RT to No

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-26 12:50:56 -07:00
Tom Eastep
b0bf726c7e Let 'update' default USE_DEFAULT_RT to 'No' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-26 12:40:16 -07:00
Tom Eastep
ad06ec3eef Correct IPV6 range parsing 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-26 11:52:51 -07:00
Tom Eastep
71611233fb Correct IPV6 range parsing 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-26 11:51:29 -07:00
Tom Eastep
7a98c7b9e5 More 'update' fixes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-25 15:55:49 -07:00
Tom Eastep
dc73832570 Delete unneeded 'my' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-25 14:36:53 -07:00
Tom Eastep
f5d1ec0243 Delete EXPORTPARAMS from %config 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-25 14:36:14 -07:00
Tom Eastep
f9ae28aeea The -t option also converts the 'tos' file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-24 14:56:24 -07:00
Tom Eastep
eae492cef5 Some rules manpage updates 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-22 09:24:47 -07:00
Tom Eastep
2451c14d8c Some rules manpage updates 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-22 08:27:52 -07:00
Tom Eastep
a30fdb356d Update man pages for required '?' in COMMENT, SECTION and FORMAT lines 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-22 08:00:38 -07:00
Tom Eastep
a709395949 Allow 'none' in the log level argument to AutoBL 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-21 13:40:12 -07:00
Tom Eastep
98e5d54b92 Allow 'none' in the log level argument to AutoBL 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-21 13:39:25 -07:00
Tom Eastep
f4776bf388 Eliminate WIDE_TC_MARKS, HIGH_ROUTE_MARKS and BLACKLISTNEWONLY 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-21 12:42:19 -07:00
Tom Eastep
80acdd2836 Disallow bare COMMENT, SECTION and FORMAT lines 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-21 11:18:40 -07:00
Tom Eastep
40d1d86d2c Drop support for the 'tos' file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-20 15:35:03 -07:00
Tom Eastep
26fca41e27 Eliminate discontinued files and manpages 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-20 15:17:48 -07:00
Tom Eastep
5af5c67c75 Update a message to refer to the 'mangle' file rather than 'tcrules' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-20 14:54:54 -07:00
Tom Eastep
7956c5f6e0 Update a message to refer to the 'mangle' file rather than 'tcrules' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-20 14:48:29 -07:00
Tom Eastep
5a08f8bf4e Correct shorewall-mangle(5) examples 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-20 11:09:42 -07:00
Tom Eastep
c59cb1351c Update manpages for new update options 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-20 11:08:10 -07:00
Tom Eastep
82330395e9 Correct grammer in an error message 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-20 09:25:32 -07:00
Tom Eastep
9a6f16903b Use NYTProf for profiling. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-20 09:21:47 -07:00
Tom Eastep
9f2958fd27 Correct wording of an error message 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-20 09:21:20 -07:00
Tom Eastep
4b003163d6 Use NYTProf for profiling. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-19 14:05:15 -07:00
Tom Eastep
39982c20c4 Restore the text of tcrules warning message 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-19 12:34:35 -07:00
Tom Eastep
2b1f33c391 Don't unlink the tcrules file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-19 11:48:23 -07:00
Tom Eastep
1c33717cf5 Reverse the change to delete host routes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-19 11:06:28 -07:00
Tom Eastep
cd8fe38c85 Delete host routes added to the main routing table for providers 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-19 10:44:37 -07:00
Tom Eastep
d525419c65 Correct wording of an error message 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-19 10:44:00 -07:00
Tom Eastep
9d3f35a22d Enable new update options in compiler.pl 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-16 11:57:36 -07:00
Tom Eastep
6bdf90631c Fix a couple of bugs in 5.0.0 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-16 10:05:21 -07:00
Tom Eastep
c604823053 Default to FORMAT-2 macros and actions. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-14 16:11:41 -07:00
Tom Eastep
12f8cbae29 Correct the test for the existence of the routestopped file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-14 15:29:52 -07:00
Tom Eastep
4de6638385 Correct handling of termination after .conf file not updated 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-14 09:32:27 -07:00
Tom Eastep
0cef7fad35 Add conversion version and date to the converted files. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-14 09:32:17 -07:00
Tom Eastep
ea2a35415e Correct convert_blacklist() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-14 09:32:01 -07:00
Tom Eastep
4cc7a1b87d Correct tcrules update 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/Perl/Shorewall/Tc.pm
 2015-08-14 09:31:36 -07:00
Tom Eastep
7c2a969de0 Correct handling of notrack file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-14 09:26:45 -07:00
Tom Eastep
8bdea65325 Update manpages for new update options 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-13 16:12:28 -07:00
Tom Eastep
fd46c0ffed Correct handling of termination after .conf file not updated 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-13 15:42:38 -07:00
Tom Eastep
60acddbb37 Add conversion version and date to the converted files. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-13 14:37:13 -07:00
Tom Eastep
306dc34b31 Correct convert_blacklist() 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-13 13:22:14 -07:00
Tom Eastep
f5c6a6fe82 Correct tcrules update 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-13 13:21:51 -07:00
Tom Eastep
af2b7910bd Port update changes from 5.0.0 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-12 12:33:09 -07:00
Tom Eastep
3b59e46799 Restore Debian-specific service files 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-12 10:19:07 -07:00
Tom Eastep
2ab8bd3040 More update fixes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-09 14:31:47 -07:00
Tom Eastep
0d635632e3 Add conversion of notrack to conntrack 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-08 16:46:58 -07:00
Tom Eastep
fb2d261cdb More Fixes for update 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-08 12:42:32 -07:00
Tom Eastep
88f9a3e255 Allow zero-valued options on multi-zoned interfaces 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-07 14:30:21 -07:00
Tom Eastep
4c4c5a436a Allow zero-valued options on multi-zoned interfaces 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-07 14:09:08 -07:00
Tom Eastep
73c8b563a1 Add -s option to update to convert the routestopped file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-07 13:46:16 -07:00
Tom Eastep
d949824f94 Correct shorewall-mangle(5) examples 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-06 10:15:57 -07:00
Tom Eastep
2162d79b5f Manual Page Uptates 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-03 15:09:16 -07:00
Tom Eastep
0f61bd34e6 Drop support for the 'blacklist' zone option 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-03 14:45:52 -07:00
Tom Eastep
d8d1e96e0d Delete manpages for files no longer supported 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-03 14:37:15 -07:00
Tom Eastep
f4620606b3 Drop support for the 'blacklist' file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-03 14:35:51 -07:00
Tom Eastep
65baa7e3b8 Drop support for the tcrules file 
- The upgrade -t option is still available

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-03 12:34:22 -07:00
Tom Eastep
e5c7ded951 Drop support for the 'notrack' file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-03 11:36:54 -07:00
Tom Eastep
8bed5c9d65 Drop support for the IPSECFILE option 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-03 10:11:52 -07:00
Tom Eastep
037e92a60e Eliminate some config options 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-01 14:28:12 -07:00
Tom Eastep
2165f746e6 Update .conf documents for 'reload' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-01 12:58:08 -07:00
Tom Eastep
ef9e75753a Restore .214 files 
- Also merge Debian changes from 4.6.12

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-08-01 11:23:35 -07:00
Tom Eastep
85648bded1 Deimplement several .conf options 
- LOGRATE/LOGBURST
- EXPORTPARAMS
- LEGACY_FASTSTART
 2015-08-01 11:11:35 -07:00
Tom Eastep
67589cab69 More version changes 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-28 10:59:11 -07:00
Tom Eastep
f40373d60c Update config file version and copyrights 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-28 10:50:19 -07:00
Tom Eastep
fa7248c58c Add the LEGACY_RESTART option. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-27 09:19:52 -07:00
Tom Eastep
0a7c65ae0d Allow connlimit by destination 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-26 14:26:58 -07:00
Tom Eastep
6e0fb1ab88 Correct syntax error 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-26 14:16:12 -07:00
Tom Eastep
34f58bd6ac Correct formatting in the rules file man pages 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-26 11:36:14 -07:00
Tom Eastep
cecc81ce82 Update .service files 
- make the .214 versions the default and remove the ones name *.214
- Add 'ExecReload' to all but Shorewall-init
- Create Debian-specific versions with /etc/default rather than /etc/sysconfig
 2015-07-26 10:58:03 -07:00
Tom Eastep
a00bf196a3 Remove all workarounds 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-26 10:27:30 -07:00
Tom Eastep
f9ec0c6930 New 'reload' and 'restart' semantics 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-26 09:59:49 -07:00
Tom Eastep
df817b6d2c Correct formatting in the interfaces man pages 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-13 13:06:53 -07:00
Tom Eastep
d0fc7f6547 Add some comments to the Zones module 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-13 12:57:00 -07:00
Tom Eastep
5704438a44 Second Wave of changes to make script output reproducable 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-12 15:00:41 -07:00
Tom Eastep
014ec1af1d First phase of producing consistent scripts with Perl >= 5.18.0 
Beginning with Perl 5.18.0, the order of elements returned by the 'keys'
and 'each' iterators is no longer deterministic. This is the first wave
of Shorewall changes to compensate for this irrational behavior.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-12 10:54:48 -07:00
Tom Eastep
bc8156b503 Include Compiler version in the compiler progress commands 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2015-07-08 12:53:42 -07:00