holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity
10,731 Commits 104 Branches 736 Tags 54 MiB
3258806f6c
Commit Graph

1779 Commits

Author SHA1 Message Date
Tom Eastep
3258806f6c Insure that 32767 default rule exists on IPv6. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-24 21:15:09 -07:00
Tom Eastep
ccdda4c73b Tighten the rule compatibility test in sub compatible(). 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-24 13:16:17 -07:00
Tom Eastep
3c98094242 Combine all IPV6 filtering in the routing table copy routines 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-24 13:15:36 -07:00
Tom Eastep
14764acd2d Restore a blank line in the generated script 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-24 08:50:15 -07:00
Tom Eastep
ee66be8f32 Place all ip-address rules at priority 20000. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-23 17:11:41 -07:00
Tom Eastep
54ba4ed879 Add MARK column to route_rules 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-23 07:56:53 -07:00
Tom Eastep
4b419f7497 Cleanup if IPv6 provider work 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-22 12:48:07 -07:00
Tom Eastep
d3d9380df5 Don't combine incompatible chains 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-21 11:55:30 -07:00
Tom Eastep
f31f3dc92a Implement 'fallback' and 'balance' for IPv6 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-21 11:55:15 -07:00
Tom Eastep
20cd943a60 Make route-table copying work on IPv6 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-20 10:32:09 -07:00
Tom Eastep
a42e2dff7f Allow caps in IPv6 addresses 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-19 07:47:49 -07:00
Tom Eastep
62d43ab6dd Cleanup of new IN-BANDWIDTH handling. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-18 05:53:50 -07:00
Tom Eastep
dbe936c7c9 Cleanup of new IN-BANDWIDTH handling (avoids a syntax error) 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-17 06:29:27 -07:00
Tom Eastep
4d83201843 Allow configuraton of a rate estimated policing filter 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-16 14:38:27 -07:00
Tom Eastep
ebc944f027 Add optional MTU parameter in IN_BANDWIDTH 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-16 10:52:45 -07:00
Tom Eastep
a077a9821d Implement rate estimation 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-11 15:27:24 -07:00
Tom Eastep
25a6f10025 Fix complex traffic shaping 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-11 10:52:37 -07:00
Tom Eastep
ede17cb771 Restore lost function from merging 4.4.24 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-10 16:51:27 -07:00
Tom Eastep
6d56a8aa45 Merge branch '4.4.24' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-10 06:57:05 -07:00
Tom Eastep
a12a4a5a89 Add '6in4' as a synonym for '6to4' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-10 06:54:31 -07:00
Tom Eastep
99b21fdfc5 Implement HL manipulation for IPv6 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-09 14:01:40 -07:00
Tom Eastep
668926c2a6 Add BALANCE_TABLE. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-09 09:00:14 -07:00
Tom Eastep
a5010ec9a6 Correct alternate specification in the tunnels file. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-09 08:50:55 -07:00
Tom Eastep
31e0b186bf More fixes for 'fallback' without weight 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-09 07:53:59 -07:00
Tom Eastep
809f27decd More alternate-specification fixes. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-09 07:06:01 -07:00
Tom Eastep
8115934adf More alternate-specification fixes. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-09 07:05:08 -07:00
Tom Eastep
035db174d8 Fix 'fallback' without weight 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-09 06:58:41 -07:00
Tom Eastep
3afd6a3ad3 Correct proto column of the netmap file 2011-10-08 18:20:47 -07:00
Tom Eastep
2d6f5da6bc Correct proto column of the netmap file 2011-10-08 18:19:08 -07:00
Tom Eastep
c304661217 Fix earlier change 2011-10-08 17:10:23 -07:00
Tom Eastep
661606ef95 Merge branch '4.4.24' 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-08 17:07:12 -07:00
Tom Eastep
b5963c6783 Fix alternate nat handling 2011-10-08 17:01:18 -07:00
Tom Eastep
e6b120a805 Implement BALANCE table 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-08 13:54:39 -07:00
Tom Eastep
e322e60d73 Fix 'fallback' 2011-10-08 12:32:29 -07:00
Tom Eastep
04c2007d53 Resolve merge conflicts 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-08 07:03:01 -07:00
Tom Eastep
5d4a0172b7 A bit of cleanup 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-05 09:32:26 -07:00
Tom Eastep
835a056eb8 Implement BLACKLIST section in the rules file 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-03 16:02:01 -07:00
Tom Eastep
57650e8dd9 Add two new actions 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-02 18:41:58 -07:00
Tom Eastep
0a5d5821ec Support additional forms of column/value pair specification 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-02 11:45:55 -07:00
Tom Eastep
e728d663f9 Implement IPTABLES_S capability 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-01 13:54:52 -07:00
Tom Eastep
2f0829596f Fix format-1 Actions 2011-10-01 12:17:29 -07:00
Tom Eastep
f6092ee52d Eliminate the maxcolumns argument to the split_line functions 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-01 11:39:12 -07:00
Tom Eastep
072f4752fc Get rid of minimum column requirement 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-10-01 09:56:25 -07:00
Tom Eastep
c76957cc39 Reword an error message 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-26 08:51:05 -07:00
Tom Eastep
4c7f1a03a0 Catch multiple semicolons on a line. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-26 07:42:44 -07:00
Tom Eastep
9a4dfc4394 Implement an alternate way of specifying column contents. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-25 17:08:53 -07:00
Tom Eastep
da5b6b99d4 Implement TTL support in tcrules. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-24 16:17:52 -07:00
Tom Eastep
dbf5f17b41 More tweaks to switch implementation. 
1) Switch names may be 30 characters long.
2) Switch settings are retained over restart.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-24 07:34:58 -07:00
Tom Eastep
40bc6df07a Correct handling of SWITCH column 
- Handle exclusion
- Correctly detect CONDITION_MATCH at compile time
- Include condition match in the filter part of a NAT rule

Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-23 15:01:40 -07:00
Tom Eastep
caddd65412 Rename condition->switch and add more documentation. 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
 2011-09-23 12:33:55 -07:00